Unbound resolving to high ping servers
Clash Royale CLAN TAG#URR8PPP
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.
For example, using 8.8.8.8
as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (216.58.196.206): 56 data bytes
64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms
But with Unbound (with 8.8.8.8@853
) as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (172.217.194.139): 56 data bytes
64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms
This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?
Here is my /etc/unbound/unbound.conf.d/pi-hole.conf
## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
## unbound.conf original at https://calomel.org/unbound_dns.html
# edited by bartonbytes.com
server:
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/16 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
cache-max-ttl: 14400
cache-min-ttl: 600
do-tcp: yes
hide-identity: yes
hide-version: yes
interface: 127.0.0.1
minimal-responses: yes
prefetch: yes
qname-minimisation: yes
rrset-roundrobin: yes
ssl-upstream: yes
use-caps-for-id: yes
verbosity: 1
port: 5353
#
forward-zone:
name: "."
forward-addr: 8.8.4.4@853#dns.google
forward-addr: 8.8.8.8@853#dns.google
dns raspberry-pi dnsmasq pi-hole unbound
add a comment |
I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.
For example, using 8.8.8.8
as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (216.58.196.206): 56 data bytes
64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms
But with Unbound (with 8.8.8.8@853
) as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (172.217.194.139): 56 data bytes
64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms
This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?
Here is my /etc/unbound/unbound.conf.d/pi-hole.conf
## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
## unbound.conf original at https://calomel.org/unbound_dns.html
# edited by bartonbytes.com
server:
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/16 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
cache-max-ttl: 14400
cache-min-ttl: 600
do-tcp: yes
hide-identity: yes
hide-version: yes
interface: 127.0.0.1
minimal-responses: yes
prefetch: yes
qname-minimisation: yes
rrset-roundrobin: yes
ssl-upstream: yes
use-caps-for-id: yes
verbosity: 1
port: 5353
#
forward-zone:
name: "."
forward-addr: 8.8.4.4@853#dns.google
forward-addr: 8.8.8.8@853#dns.google
dns raspberry-pi dnsmasq pi-hole unbound
add a comment |
I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.
For example, using 8.8.8.8
as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (216.58.196.206): 56 data bytes
64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms
But with Unbound (with 8.8.8.8@853
) as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (172.217.194.139): 56 data bytes
64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms
This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?
Here is my /etc/unbound/unbound.conf.d/pi-hole.conf
## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
## unbound.conf original at https://calomel.org/unbound_dns.html
# edited by bartonbytes.com
server:
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/16 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
cache-max-ttl: 14400
cache-min-ttl: 600
do-tcp: yes
hide-identity: yes
hide-version: yes
interface: 127.0.0.1
minimal-responses: yes
prefetch: yes
qname-minimisation: yes
rrset-roundrobin: yes
ssl-upstream: yes
use-caps-for-id: yes
verbosity: 1
port: 5353
#
forward-zone:
name: "."
forward-addr: 8.8.4.4@853#dns.google
forward-addr: 8.8.8.8@853#dns.google
dns raspberry-pi dnsmasq pi-hole unbound
I have installed unbound on my Pi Hole to get DNS over TLS for my entire home network. I realized that my home network had gotten slower than before. At first, I thought it may be because of Unbound running on RPi(which is a slow piece of hardware). But after digging a bit, I found out that Unbound was resolving to servers with high ping time.
For example, using 8.8.8.8
as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (216.58.196.206): 56 data bytes
64 bytes from 216.58.196.206: icmp_seq=0 ttl=56 time=7.708 ms
64 bytes from 216.58.196.206: icmp_seq=1 ttl=56 time=6.879 ms
64 bytes from 216.58.196.206: icmp_seq=2 ttl=56 time=7.101 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 6.879/7.229/7.708/0.350 ms
But with Unbound (with 8.8.8.8@853
) as my DNS server, google.com
is resolved to:
~
❯ ping google.com
PING google.com (172.217.194.139): 56 data bytes
64 bytes from 172.217.194.139: icmp_seq=0 ttl=45 time=93.338 ms
64 bytes from 172.217.194.139: icmp_seq=1 ttl=45 time=92.548 ms
64 bytes from 172.217.194.139: icmp_seq=2 ttl=45 time=94.111 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 92.548/93.332/94.111/0.638 ms
This means that the average ping time is ~13.5x times higher with the server Unbound has resolved to. But what I am not able to digest is the fact that I am using none other than the Google DNS in both cases. Why is this disparity arising?
Here is my /etc/unbound/unbound.conf.d/pi-hole.conf
## DNS Over TLS, Simple ENCRYPTED recursive caching DNS, TCP port 853
## unbound.conf original at https://calomel.org/unbound_dns.html
# edited by bartonbytes.com
server:
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/16 allow
access-control: 192.168.0.0/16 allow
access-control: 172.16.0.0/12 allow
cache-max-ttl: 14400
cache-min-ttl: 600
do-tcp: yes
hide-identity: yes
hide-version: yes
interface: 127.0.0.1
minimal-responses: yes
prefetch: yes
qname-minimisation: yes
rrset-roundrobin: yes
ssl-upstream: yes
use-caps-for-id: yes
verbosity: 1
port: 5353
#
forward-zone:
name: "."
forward-addr: 8.8.4.4@853#dns.google
forward-addr: 8.8.8.8@853#dns.google
dns raspberry-pi dnsmasq pi-hole unbound
dns raspberry-pi dnsmasq pi-hole unbound
edited Mar 13 at 13:30
Chirag Arora
asked Mar 12 at 11:58
Chirag AroraChirag Arora
12
12
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f505856%2funbound-resolving-to-high-ping-servers%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f505856%2funbound-resolving-to-high-ping-servers%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown