Re: Subject: Re: Slow connections - DNS problems?
On 3/24/21 2:44 PM, Charlie Gibbs wrote:
$ cat /etc/debian_version
10.8
Okay -- that is current.
$ uname -a
Linux cjglap2 4.19.0-14-amd64 #1 SMP Debian 4.19.171-2 (2021-01-30)
x86_64 GNU/Linux
Okay -- that is current.
$ nmcli g status
STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN
connected full enabled enabled enabled enabled
Okay.
$ nmcli c show
NAME UUID TYPE DEVICE
mundie 6 f877f569-e0a2-4ff8-96d5-a1e9d39f41ce wifi wlp3s0
Wired connection 1 3a662505-1ba3-4d66-9407-477a0eb47a8f ethernet enp0s25
(plus 14 lines for wifi connections I've had in the past) --
So, your computer has two active network interfaces, one Ethernet and
one Wi-Fi. If each is connected to a different network and you know
what you are doing, then that is okay. But if they are both connected
to the same network without you having a very specific reason for doing
so and the knowledge to make it happen correctly, then you are asking
for problems.
$ nmcli d show
GENERAL.DEVICE: enp0s25
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 5C:FF:35:07:33:D2
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: Wired connection 1
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/152
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.0.33/24
Your Ethernet is on network 192.168.0.0/24 at IP address 192.168.0.33.
GENERAL.DEVICE: wlp3s0
GENERAL.TYPE: wifi
GENERAL.HWADDR: 18:3D:A2:A6:56:14
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: mundie 6
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/153
IP4.ADDRESS[1]: 192.168.0.44/24
Your Wi-Fi is also on network 192.168.0.0/24 at address 192.168.0.44.
Why are your Ethernet and Wi-Fi adapters connected to the same network?
If you do not have a solid reason, disconnect one and configure
Network Manager to only automatically connect one of them.
While many DHCP servers allow me to pick arbitrary starting and ending
lease addresses, I prefer to think of DHCP leases as a subnet and align
the start and ending addresses accordingly. So, I would treat DHCP as
network 192.168.128.0/25 and configure the network gateway DHCP server
leases to start at 192.168.0.130 and to end at 192.168.0.254 (e.g. leave
out 192.168.0.129 for a gateway and leave out 102.168.0.255 for
broadcast). I recommend doing this.
$ time host -v -t A www.debian.org 208.67.222.222
Trying "www.debian.org"
Using domain server:
Name: 208.67.222.222
Address: 208.67.222.222#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21468
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.debian.org. IN A
;; ANSWER SECTION:
www.debian.org. 300 IN A 128.31.0.62
www.debian.org. 300 IN A 149.20.4.15
Received 64 bytes from 208.67.222.222#53 in 584 ms
Okay.
$ time host -v -t A news.newsguy.com 208.67.222.222
Trying "news.newsguy.com"
Using domain server:
Name: 208.67.222.222
Address: 208.67.222.222#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35638
;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;news.newsguy.com. IN A
;; ANSWER SECTION:
news.newsguy.com. 3600 IN A 74.209.136.82
news.newsguy.com. 3600 IN A 74.209.136.88
news.newsguy.com. 3600 IN A 74.209.136.89
news.newsguy.com. 3600 IN A 74.209.136.90
news.newsguy.com. 3600 IN A 74.209.136.91
news.newsguy.com. 3600 IN A 74.209.136.92
news.newsguy.com. 3600 IN A 74.209.136.94
news.newsguy.com. 3600 IN A 74.209.136.95
Received 162 bytes from 208.67.222.222#53 in 118 ms
> I threw in one with a call to news.newsguy.com as well,
> since that's the server I'm having trouble connecting to.
Hmmm... I am curious why they have eight 'A' records in the same
subnet. Are they attempting to provide redundancy, load balancing, or
something else? Figuring out how every client OS's and every client
application will respond to this situation would require a lot of
knowledge that is constantly changing -- e.g. a recipe for infinite bug
propagation. This could be a source of your problems.
(I would think they would be better off with one 'A' record pointing at
a load balancer that fronts a DMZ containing the eight servers. A
second load balancer can be added with suitable tricks to deal with one
balancer breaking.)
While you have no control over the news.newsguy.com DNS settings, you
could pick one of those IP addresses and put it into your /etc/hosts
file (or possibly the /etc/hosts file of your network gateway). This
would prevent your OS and reader from seeing those eight 'A' records.
But, your news reader would only work when that one server is up.
$ nmcli d show | perl -ae 'print $F[1],"\n" if $F[0] =~
/IP\d\.DNS\[\d+\]/' | xargs -n 1 host -v -t A www.debian.org
Trying "www.debian.org"
Using domain server:
Name: 192.168.0.1
Address: 192.168.0.1#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56105
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.debian.org. IN A
;; ANSWER SECTION:
www.debian.org. 263 IN A 149.20.4.15
www.debian.org. 263 IN A 128.31.0.62
Received 64 bytes from 192.168.0.1#53 in 8 ms
Your network gateway appears to have a DNS proxy that is working correctly.
Trying "www.debian.org"
Using domain server:
Name: 75.153.171.122
Address: 75.153.171.122#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49283
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.debian.org. IN A
;; ANSWER SECTION:
www.debian.org. 263 IN A 128.31.0.62
www.debian.org. 263 IN A 149.20.4.15
Received 64 bytes from 75.153.171.122#53 in 8 ms
TELUS controls 75.152.0.0/13. Given the 8 ms response time, that must
be the WAN side address of your network gateway.
But, I would not include that address in the network gateway DHCP server
DNS lease settings.
Did you change the DHCP server DNS lease settings in the network
gateway, or is that how TELUS or the gateway manufacturer set it?
Trying "www.debian.org"
Using domain server:
Name: 2001:568:ff09:10a::56
Address: 2001:568:ff09:10a::56#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19558
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.debian.org. IN A
;; ANSWER SECTION:
www.debian.org. 300 IN A 149.20.4.15
www.debian.org. 300 IN A 128.31.0.62
Received 64 bytes from 2001:568:ff09:10a::56#53 in 147 ms
Trying "www.debian.org"
Using domain server:
Name: 2001:568:ff09:10b::122
Address: 2001:568:ff09:10b::122#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24974
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.debian.org. IN A
;; ANSWER SECTION:
www.debian.org. 263 IN A 149.20.4.15
www.debian.org. 263 IN A 128.31.0.62
Received 64 bytes from 2001:568:ff09:10b::122#53 in 7 ms
TELUS controls 2001:568:: - 2001:56F:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF.
Those must be the TELUS primary and secondary DNS servers.
Trying "www.debian.org"
<snip>
Received 64 bytes from 2001:568:ff09:10b::122#53 in 7 ms
Those duplicates are because both Ethernet and Wi-Fi are connected.
Thanks to all for your help.
YW. Post if you have more issues/ questions.
David
p.s. "Networking for System Administrators" by Lucas is good:
https://mwl.io/nonfiction/networking#n4sa
Reply to: