Unbound resolving to high ping servers

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.



For example, using 8.8.8.8 as my DNS server, google.com is resolved to:



~
❯ ping google.com
PING google.com (216.58.196.206): 56 data bytes
64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms


But with Unbound (with 8.8.8.8@853) as my DNS server, google.com is resolved to:



~
❯ ping google.com
PING google.com (172.217.194.139): 56 data bytes
64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms


This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?



Here is my /etc/unbound/unbound.conf.d/pi-hole.conf



## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
## unbound.conf original at https://calomel.org/unbound_dns.html
# edited by bartonbytes.com
server:
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/16 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
cache-max-ttl: 14400
cache-min-ttl: 600
do-tcp: yes
hide-identity: yes
hide-version: yes
interface: 127.0.0.1
minimal-responses: yes
prefetch: yes
qname-minimisation: yes
rrset-roundrobin: yes
ssl-upstream: yes
use-caps-for-id: yes
verbosity: 1
port: 5353
#
forward-zone:
name: "."
forward-addr: 8.8.4.4@853#dns.google
forward-addr: 8.8.8.8@853#dns.google









share|improve this question






























    0















    I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.



    For example, using 8.8.8.8 as my DNS server, google.com is resolved to:



    ~
    ❯ ping google.com
    PING google.com (216.58.196.206): 56 data bytes
    64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
    64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
    64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
    --- google.com ping statistics ---
    3 packets transmitted, 3 packets received, 0.0% packet loss
    round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms


    But with Unbound (with 8.8.8.8@853) as my DNS server, google.com is resolved to:



    ~
    ❯ ping google.com
    PING google.com (172.217.194.139): 56 data bytes
    64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
    64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
    64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
    --- google.com ping statistics ---
    3 packets transmitted, 3 packets received, 0.0% packet loss
    round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms


    This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?



    Here is my /etc/unbound/unbound.conf.d/pi-hole.conf



    ## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
    ## unbound.conf original at https://calomel.org/unbound_dns.html
    # edited by bartonbytes.com
    server:
    access-control: 127.0.0.0/8 allow
    access-control: 10.0.0.0/16 allow
    access-control: 192.168.0.0/16 allow
    access-control: 172.16.0.0/12 allow
    cache-max-ttl: 14400
    cache-min-ttl: 600
    do-tcp: yes
    hide-identity: yes
    hide-version: yes
    interface: 127.0.0.1
    minimal-responses: yes
    prefetch: yes
    qname-minimisation: yes
    rrset-roundrobin: yes
    ssl-upstream: yes
    use-caps-for-id: yes
    verbosity: 1
    port: 5353
    #
    forward-zone:
    name: "."
    forward-addr: 8.8.4.4@853#dns.google
    forward-addr: 8.8.8.8@853#dns.google









    share|improve this question


























      0












      0








      0








      I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.



      For example, using 8.8.8.8 as my DNS server, google.com is resolved to:



      ~
      ❯ ping google.com
      PING google.com (216.58.196.206): 56 data bytes
      64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
      64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
      64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
      --- google.com ping statistics ---
      3 packets transmitted, 3 packets received, 0.0% packet loss
      round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms


      But with Unbound (with 8.8.8.8@853) as my DNS server, google.com is resolved to:



      ~
      ❯ ping google.com
      PING google.com (172.217.194.139): 56 data bytes
      64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
      64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
      64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
      --- google.com ping statistics ---
      3 packets transmitted, 3 packets received, 0.0% packet loss
      round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms


      This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?



      Here is my /etc/unbound/unbound.conf.d/pi-hole.conf



      ## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
      ## unbound.conf original at https://calomel.org/unbound_dns.html
      # edited by bartonbytes.com
      server:
      access-control: 127.0.0.0/8 allow
      access-control: 10.0.0.0/16 allow
      access-control: 192.168.0.0/16 allow
      access-control: 172.16.0.0/12 allow
      cache-max-ttl: 14400
      cache-min-ttl: 600
      do-tcp: yes
      hide-identity: yes
      hide-version: yes
      interface: 127.0.0.1
      minimal-responses: yes
      prefetch: yes
      qname-minimisation: yes
      rrset-roundrobin: yes
      ssl-upstream: yes
      use-caps-for-id: yes
      verbosity: 1
      port: 5353
      #
      forward-zone:
      name: "."
      forward-addr: 8.8.4.4@853#dns.google
      forward-addr: 8.8.8.8@853#dns.google









      share|improve this question
















      I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.



      For example, using 8.8.8.8 as my DNS server, google.com is resolved to:



      ~
      ❯ ping google.com
      PING google.com (216.58.196.206): 56 data bytes
      64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
      64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
      64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
      --- google.com ping statistics ---
      3 packets transmitted, 3 packets received, 0.0% packet loss
      round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms


      But with Unbound (with 8.8.8.8@853) as my DNS server, google.com is resolved to:



      ~
      ❯ ping google.com
      PING google.com (172.217.194.139): 56 data bytes
      64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
      64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
      64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
      --- google.com ping statistics ---
      3 packets transmitted, 3 packets received, 0.0% packet loss
      round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms


      This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?



      Here is my /etc/unbound/unbound.conf.d/pi-hole.conf



      ## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
      ## unbound.conf original at https://calomel.org/unbound_dns.html
      # edited by bartonbytes.com
      server:
      access-control: 127.0.0.0/8 allow
      access-control: 10.0.0.0/16 allow
      access-control: 192.168.0.0/16 allow
      access-control: 172.16.0.0/12 allow
      cache-max-ttl: 14400
      cache-min-ttl: 600
      do-tcp: yes
      hide-identity: yes
      hide-version: yes
      interface: 127.0.0.1
      minimal-responses: yes
      prefetch: yes
      qname-minimisation: yes
      rrset-roundrobin: yes
      ssl-upstream: yes
      use-caps-for-id: yes
      verbosity: 1
      port: 5353
      #
      forward-zone:
      name: "."
      forward-addr: 8.8.4.4@853#dns.google
      forward-addr: 8.8.8.8@853#dns.google






      dns raspberry-pi dnsmasq pi-hole unbound






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Mar 13 at 13:30







      Chirag Arora

















      asked Mar 12 at 11:58









      Chirag AroraChirag Arora

      12




      12




















          0






          active

          oldest

          votes












          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f505856%2funbound-resolving-to-high-ping-servers%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f505856%2funbound-resolving-to-high-ping-servers%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown






          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Displaying single band from multi-band raster using QGIS

          How many registers does an x86_64 CPU actually have?