0

High latency fluctuation using NextDNS on RPi!

Hello there,

I'm monitoring the duration of the DNS queries on my PIs using Netdata. As you can see on the graph below, the values for 192.168.1.10 & 192.168.1.6 (PIs IPs), are highly fluctuating than standard DNS (8.8.8.8 & 1.1.1.1).

This behaviour is persistant since the installation of nextdns-cli on both PIs. Could be related to the usage of DoH while the other DNS are "standard"?

I would expect a lower latency & stabler since the domains polled should be cached.

Thanks for your support!

 

9 replies

null
    • olivier
    • 3 yrs ago
    • Reported - view

    Feels like you are testing the cache of the CLI when it is 0 then you get the TCP/TLS connection time penalty when out of cache. Is the CLI on those Pis busy with other queries, or it is just used for this monitor? What is the pulling interval of your monitoring system?

      • Fabio
      • 3 yrs ago
      • Reported - view

      Olivier Poitrey 

      My first RPi (.5) is only running nextdns-cli and it's serving the DNS through a keepalived IP (.10). The second RPi (.6) is running netdata with 60s DNS interval and a motioneye daemon. It's strange because the fluctuations are present only on nextdns queries and not on other DNS providers (so related to nextdns-cli).

      • olivier
      • 3 yrs ago
      • Reported - view

      Fabio with 60s idle, the CLI will lose the connection to the upstream and have to re-establish the TCP/TLS connection each time, which is about 2 roundtrips. Other providers you are testing are UDP, they don't have have to be connected. When you get 0ms, you are just testing CLI's cache, hence the instability of you test. This all depend on the TTL of the domain you are testing.

      Testing an unloaded CLI against distant busy UDP server is like comparing apples and oranges BTW :)

      A better test would be on a CLI that is loaded with clients requests. Keeping the CLI busy will make sure the TLS connection stays connected. Also, use a random domain, or a domain with a very low TTL, otherwise you will be randomly testing CLI caching capability.

      • Fabio
      • 3 yrs ago
      • Reported - view

      Olivier Poitrey 

      If I understand correctly, the CLI will lose the connection if it's only tested by netdata (with 60s polling). But this is my main DNS, serving my whole network so I don't think that nextdns-cli re-establish the connection, right?

      • olivier
      • 3 yrs ago
      • Reported - view

      Fabio that's why I asked if the CLI you are testing is busy with other queries. What do you get in "nextdns log"?

      • Fabio
      • 3 yrs ago
      • Reported - view
      • olivier
      • 3 yrs ago
      • Reported - view

      Fabio seems like it reconnects every few minutes. It doesn't look like this server is getting a consistent flow of queries. After an idle period, the first query will always be slower than subsequent queries with DoH or DoT. Your monitoring is measuring CLI cache (0ms) and reconnects (2 to 3x the normal latency).

      • Fabio
      • 3 yrs ago
      • Reported - view

      Olivier Poitrey Ok then sounds correct. Is there a way to keep the connection established so to avoid the latency due to the reconnection?

      • olivier
      • 3 yrs ago
      • Reported - view

      Fabio no, the server will close the connection if the client is idle for too long. The only way is to have a queries. On a LAN with active users, it should be the case.

Content aside

  • 3 yrs agoLast active
  • 9Replies
  • 81Views
  • 2 Following