Local DNS caching

Dave M.

Oct 9, 2006
There is something fishy about my previous post in the Server Downtime thread with implementing DNS caching on my local machine. It did in fact make a lot of difference in the response of this site. I have been trying to figure out why it did.

The web browser itself I believe does implement DNS caching, for a limited amount of time. Apparently current versions of Firefox cache DNS data for 60 seconds, while recent versions of IE cache for 30 minutes. I'm using Firefox, so if I spend more than a minute on a single page before clicking something else, the DNS cache will expire and the browser will have to do another lookup. These lookups for me were on the order of seconds, reason unknown. I believe the time can be changed in Firefox, but it is not readily apparent how to do that.

That amount of time that expires before it does another lookup is a parameter that can be set by the site being visited; in this case clubsearay.com. In fact, one can use the Unix dig command to query the clubsearay DNS server. In this case, @clubsearay tells dig to query that DNS server, and the clubsearay following is the name to ask about, again clubsearay. I had to specify where to query, as my system is now caching locally, and dig will by default look at the local cache.

dwm@EdgyEft:~$ dig @clubsearay.com www.clubsearay.com

; <<>> DiG 9.3.2 <<>> @clubsearay.com www.clubsearay.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11111
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.clubsearay.com. IN A

;; ANSWER SECTION:
www.clubsearay.com. 14400 IN CNAME clubsearay.com.
clubsearay.com. 14400 IN A 208.78.40.47


In the last line, I believe the 14400 is the number of seconds that clubsearay is requesting the DNS to be cached. This is 4 hours. If browsers would really follow this, it would reduce the workload on the DNS servers. I think this number is primarily intended for the chain of DNS servers on the internet.

If I do a default query, I will get the results from my local cache, like this:

dwm@EdgyEft:~$ dig clubsearay.com
...
;; ANSWER SECTION:
clubsearay.com. 10400 IN A 208.78.40.47

So, my local cache is counting down from 14400 as it should, and I just happened to query it 4000 seconds after it did the last lookup. Repeating the command does show it counting down.

So, bottom line for me with this is that Firefox does keep a local DNS cache, but for only a minute, not really long enough. Running a local cache really speeds things up, and the local cache does take directions from the DNS server for TTL. I was wondering yesterday after I turned it on whether it would hang on to an old invalid address, or what would cause it to time out. Now I know my local cache does comply with the Time To Live from the server, and that ClubSeaRay does have a reasonably long number set in the config files.
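
The TTL countdown described in the post above (14400 from the authoritative server, 10400 from the local cache 4000 seconds later), as an added example that is not part of the original thread: a minimal TTL-honoring cache in Python, fed with the dig answer lines quoted in the post. `TTLCache`, `resolve` and the caller-supplied `now` clock are hypothetical names used for illustration.

```python
# Answer section copied from the dig output in the post above.
AUTHORITATIVE = """\
;; ANSWER SECTION:
www.clubsearay.com. 14400 IN CNAME clubsearay.com.
clubsearay.com. 14400 IN A 208.78.40.47
"""

def parse_answers(dig_text):
    """Return (name, ttl, type, data) tuples from dig answer lines; ';' lines are comments."""
    records = []
    for line in dig_text.splitlines():
        parts = line.split()
        if len(parts) >= 5 and not line.startswith(";") and parts[1].isdigit() and parts[2] == "IN":
            records.append((parts[0], int(parts[1]), parts[3], parts[4]))
    return records

def _key(name, rtype):
    return (name.lower().rstrip("."), rtype)

class TTLCache:
    """Hypothetical minimal cache: entries expire when the server-supplied TTL runs out."""
    def __init__(self):
        self._entries = {}  # (name, type) -> (data, absolute expiry time)

    def store(self, record, now):
        name, ttl, rtype, data = record
        self._entries[_key(name, rtype)] = (data, now + ttl)

    def lookup(self, name, rtype, now):
        """Return (data, remaining_ttl), or None if absent or expired."""
        data, expires = self._entries.get(_key(name, rtype), (None, 0))
        return (data, expires - now) if data is not None and now < expires else None

def resolve(cache, name, now, max_hops=8):
    """Follow cached CNAMEs to an A record; the chain lives as long as its shortest TTL."""
    min_ttl = None
    for _ in range(max_hops):
        for rtype in ("A", "CNAME"):
            hit = cache.lookup(name, rtype, now)
            if hit:
                break
        else:
            return None  # miss or expired: a fresh upstream query is required
        min_ttl = hit[1] if min_ttl is None else min(min_ttl, hit[1])
        if rtype == "A":
            return hit[0], min_ttl
        name = hit[0]
    return None
```

Storing both records at time 0 and resolving `www.clubsearay.com` at time 4000 gives the address with 10400 seconds left, matching the second dig output; at time 14400 the entry is gone and the cache cannot keep serving an old address.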
 

There are several problems right now that I've seen. 1 there is 1 server and it's hosting the website and DNS (both DNS, which is against RFC requirements). If you take a look, the IP address for ns1.clubsearay.com, ns2.clubsearay.com and the website itself are all on the same IP, meaning same server, meaning no failover or backups when things go wrong.

Also the icons at the bottom of posts for the message are all pointing at http://208.78.40.45/forum/images/icons/ which is not the IP address of the server. Why is the IP address hardcoded? :huh:

Also the site is still not available from many different networks I've checked but that does not appear to be the TTL because it's been broken for 3 days now.

I could also give my own opinion about the situation but I'll keep that to myself since I was told if you have nothing nice to say don't say anything at all.
 
What does all that mean? Good god man, you have used more initials and acronyms than the military does with a top secret invasion plan......and I want the little emotion symbols!!!
 

To touch on this a little bit.

DNS and web can be hosted on the same server no problem. The reason for this is that if you have a website being hosted on 1 server, the server goes down, DNS doesn't matter at that point as traffic isn't going to go anywhere. DNS servers have very little load so wherever it is hosted does not matter, even if it's on the same IP as another nameserver and the web server, still doesn't cause any issues. Getting into full failover and redundant setups is high $$. You're then talking about MySQL replication, load balancing and such. All of this sure can be done, we do it all the time. Just costs a nice penny.

Currently the problems over the last few days were from the old server that was hosting DNS for this site is now having a funeral for its death... I just added the old nameservers to this server as well so resolution problems should be not a problem while DNS changes. We are also about to change the DNS to be handled by the registrar as soon as the domain is transferred, this should help further with redundancy and such.
 

What about the post icons at the bottom of the "Reply to Thread" pages?
Morpheus said:
Also the icons at the bottom of posts for the message are all pointing at http://208.78.40.45/forum/images/icons/ which is not the IP address of the server. Why is the IP address hardcoded?
 
Which images have the IP address? I looked at a few, like "post reply" and "edit" and they show the domain in the url, not the IP.
 
Jim, they are there as he says. To see them, just start a reply, then click View Source in your browser, and then search for '208'. They are for the icons at the bottom of the reply pane. If you look, you may see that these icons do not appear. The radio buttons are there, but no icons. On my system, they eventually appear sometimes.

Also, if you move your cursor outside the text window box, you will see that even after the reply page has been open for a minute or two, you still have an hourglass, or whatever your 'waiting' symbol is. This tells you that the page is not done downloading. It should not take over a minute to download the page. The problem is that those icons, at the hard coded address, are not being loaded. That IP address resolves extremely slowly or not at all.
 
OK, found them and fixed it. Not sure why they were hard coded. If you find anything else let me know.
 
Jim, I did a recursive search for the IP in the forum directory and didn't find any other occurrences of it. The guy who moved the site must have done it.
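
The "View Source and search for '208'" check and the recursive search mentioned above, generalized as an added example that is not part of the original thread: a Python scan that reports every URL attribute in a page whose host is an IP literal rather than a name. The sample markup is constructed (only the `208.78.40.45` icon path prefix comes from the thread), and `find_hardcoded_ips` and `host_is_ip` are hypothetical names.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample markup; file names are made up for the example.
SAMPLE_HTML = """
<img src="http://www.clubsearay.com/forum/images/buttons/reply.gif" alt="Post Reply">
<img src="http://208.78.40.45/forum/images/icons/icon1.gif" alt="">
<a href="/forum/index.php">Forum</a>
<link rel="stylesheet" href="//208.78.40.45/forum/style.css">
"""

def host_is_ip(url):
    """True when the URL's host part parses as an IPv4 or IPv6 address."""
    try:
        host = urlsplit(url).hostname
        if not host:
            return False  # relative URL: no host to check
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False  # host is a DNS name, or the URL is malformed

class IPLiteralFinder(HTMLParser):
    """Collect (tag, attribute, url) for URL attributes whose host is an IP literal."""
    URL_ATTRS = {"src", "href", "action", "background"}

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for attr, value in attrs:
            if attr in self.URL_ATTRS and value and host_is_ip(value):
                self.findings.append((tag, attr, value))

def find_hardcoded_ips(html):
    """Return every tag/attribute/URL triple in the markup that points at a raw IP."""
    finder = IPLiteralFinder()
    finder.feed(html)
    finder.close()
    return finder.findings
```

Running it over rendered pages after a server move catches references that bypass DNS entirely, which no TTL change will ever repoint.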
 
