DNS fault analysis optimization

1、DNS Parse failure

        1.1 newspaper connection timed out; no servers could be reached error

[email protected]:/# nslookup  time.geekbang.org
;; connection timed out; no servers could be reached

        1.2 Check the network , Or use nslookup -debug www.baidu.com. It turns out that the network is journey connected , But visit baidu This website is accessed through the local ring back port , So the connection failed .

[email protected]:/# ping 114.114.114.114
PING 114.114.114.114 (114.114.114.114): 56 data bytes
64 bytes from 114.114.114.114: icmp_seq=0 ttl=127 time=29.275 ms
64 bytes from 114.114.114.114: icmp_seq=1 ttl=127 time=27.183 ms
^C--- 114.114.114.114 ping statistics 

[email protected]:/# nslookup -debug www.baidu.com
;; Connection to 127.0.0.1#53(127.0.0.1) for www.baidu.com failed: connection refused.
;; Connection to ::1#53(::1) for www.baidu.com failed: address not available.

        1.3 see Dns The configuration file , Found content is empty . So we need to configure DNS service

/# cat /etc/resolv.conf

[email protected]:/# echo "nameserver 114.114.114.114 " > /etc/resolv.conf
[email protected]:/# nslookup www.baidu.com
Server:		114.114.114.114
Address:	114.114.114.114#53

Non-authoritative answer:
www.baidu.com	canonical name = www.a.shifen.com.
Name:	www.a.shifen.com
Address: 14.215.177.39
Name:	www.a.shifen.com
Address: 14.215.177.38

2、DNS Analytical instability

        2.1 use time nslookup  mp.csdn.net For example , To check the delay , You can see real The delay in this column is 15S For a long time

[email protected]:~$ time  nslookup  mp.csdn.net
Server:		114.114.114.114
Address:	114.114.114.114#53

Non-authoritative answer:
Name:	mp.csdn.net
Address: 101.201.178.55


real	0m15.099s
user	0m0.000s
sys	0m0.013s

        2.2 If you test more , What will happen , Parsing failure may also occur

/# time nslookup mp.csdn.net
;; connection timed out; no servers could be reached

real  0m15.011s
user  0m0.006s
sys  0m0.006s

        2.3 For the above results , There may be many reasons ：

                2.3.1 DNS There is a problem with the server itself , Slow and unstable response

                2.3.2 The client to DNS The network latency of the server is relatively large

                2.3.3 DNS Request or response package , In some cases, request packets are discarded

        2.4 According to different delay , We can change different DNS, Use ping Command observation

[email protected]:~$ ping  mp.csdn.net
PING mp.csdn.net (101.201.178.55) 56(84) bytes of data.
64 bytes from 101.201.178.55 (101.201.178.55): icmp_seq=1 ttl=128 time=38.4 ms
64 bytes from 101.201.178.55 (101.201.178.55): icmp_seq=2 ttl=128 time=34.5 ms

        2.5 in the light of DNS The problem of too long parsing time , It can be done for the goal DNS cache , Use dnsmasq

# This command is executed on the container 
/# /etc/init.d/dnsmasq start
 * Starting DNS forwarder and DHCP server dnsmasq                    [ OK ]

        2.6 modify /etc/resolv.conf, take DNS The server is changed to DNSmasq The monitoring address of , This time we use the local address 114.114.114.114, And then do it many times nslookup command

[email protected]:/# time nslookup mp.csdn.net
Server:		114.114.114.114
Address:	114.114.114.114#53

Non-authoritative answer:
Name:	mp.csdn.net
Address: 101.201.178.55


real	0m0.115s
user	0m0.011s
sys	0m0.026s

        2.7 You can see that after executing many times ,DNS Parsing is relatively fast .

2、DNS Optimize the solution

        2.1 Yes DNS Parse the results and cache them , But be careful , After the cache has expired , Need to get a new record , Experienced friends can write a script , Get new records regularly .

        2.2 Yes DNS The parsed results are prefetched , This is the browser and so on Web The most commonly used method in application , in other words , Don't wait for users to click the hyperlink on the page , The browser will automatically resolve the domain name in the background , And cache the results .

        2.3 Use HTTPDNS Replace conventional DNS analysis , Especially nowadays, domain name hijacking is widespread , Use HTTP The protocol bypasses... In the link DNS The server , You can avoid the problem of domain name hijacking

       2.4 be based on DNS Global load balancing （GSLB）. This not only provides load balancing and high availability functions for services , It can also be based on the user's location , Return to the nearest IP Address .

This article is compiled from geek time Ni Pengfei ：《Linux Performance optimization practice 》