High DoH resolution latency
My DoH resolution latency is consistently ~ 500 ms despite relatively low network latency and much faster standard DNS lookups. I believe this is having a very adverse effect on browser performance. I strongly prefer the privacy DoH offers and would rather not configure my clients to use standard DNS.
Any recommendations for additional troubleshooting?
jeffl@Dell:~$ bin/trustydns-dig https://dns.nextdns.io google.com mx 
 ;; opcode: QUERY, status: NOERROR, id: 53538
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
 ;google.com.    IN       MX
;; ANSWER SECTION:
 google.com. 300 IN MX 10 smtp.google.com.
;; ADDITIONAL SECTION:
;; OPT PSEUDOSECTION:
 ; EDNS: version 0; flags: ; udp: 1232
;; Query Time: 423ms/0s
 ;; Final Server: https://dns.nextdns.io
 ;; Tries: 1(queries) 1(servers)
 ;; Payload Size: 80
jeffl@Dell:~$
jeffl@Dell:~$ dig @45.90.28.175 www.yahoo.com
; <<>> DiG 9.18.28-1~deb12u2-Debian <<>> @45.90.28.175 www.yahoo.com
 ; (1 server found)
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48433
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
 ; EDNS: version: 0, flags:; udp: 1232
 ;; QUESTION SECTION:
 ;www.yahoo.com.                 IN      A
;; ANSWER SECTION:
 www.yahoo.com. 35 IN CNAME me-ycpi-cf-www.g06.yahoodns.net.
 me-ycpi-cf-www.g06.yahoodns.net. 35 IN A 209.73.179.248 
 me-ycpi-cf-www.g06.yahoodns.net. 35 IN A 209.73.179.247
;; Query time: 20 msec
 ;; SERVER: 45.90.28.175#53(45.90.28.175) (UDP)
 ;; WHEN: Thu Dec 05 10:26:00 EST 2024
 ;; MSG SIZE  rcvd: 119
jeffl@Dell:~$
jeffl@Dell:~$ sh -c 'sh -c "$(curl -s https://nextdns.io/diag)"'
Welcome to NextDNS network diagnostic tool.
This tool will download a small binary to capture latency and routing information
 regarding the connectivity of your network with NextDNS. In order to perform a
 traceroute, root permission is required. You may therefore be asked to provide
 your password for sudo.
The source code of this tool is available at https://github.com/nextdns/diag
Do you want to continue? (press enter to accept)
 [sudo] password for jeffl:
 Testing IPv6 connectivity
   available: false
 Fetching https://test.nextdns.io
   status: ok
   client: 2600:4040:4025:a500:f4be:481f:aff7:cff0
   protocol: UDP
   dest IP:
   server: vultr-atl-1
 Fetching PoP name for ultra low latency primary IPv4 (ipv4.dns1.nextdns.io)
   hetzner-iad: 8.417ms
 Fetching PoP name for ultra low latency secondary IPv4 (ipv4.dns2.nextdns.io)
   zepto-iad: 32.955ms
 Fetching PoP name for anycast primary IPv4 (45.90.28.0)
   vultr-atl: 22.939ms
 Fetching PoP name for anycast secondary IPv4 (45.90.30.0)
   zepto-iad: 9.386ms
 Pinging PoPs
   hydron-clt: 9.298ms
   hetzner-iad: 9.36ms
   anexia-mnz: 9.352ms
   anexia-ewr: 9.324ms
   zepto-xrs: 19.305ms
   zepto-iad: 21.107ms
   tier-clt: 22.799ms
   vultr-ewr: 21.104ms
   teraswitch-pit: 40.022ms
   cloudzy-pit: 59.538ms
 Traceroute for ultra low latency primary IPv4 (5.161.43.197)
     1    192.168.0.1   29ms  15ms  15ms
     2     72.86.37.1    6ms   8ms   7ms
     3  100.41.24.130   17ms   4ms  14ms
     4                   *     *     *
     5                   *     *     *
     6  62.115.56.201   12ms  11ms   9ms
     7     5.161.0.82    9ms   9ms   9ms
     8                   *     *     *
     9    5.161.8.250   12ms   9ms   9ms
    10   5.161.43.197   11ms  12ms   5ms
 Traceroute for ultra low latency secondary IPv4 (199.119.65.94)
     1    192.168.0.1    1ms   0ms   0ms
     2     72.86.37.1    9ms   9ms   7ms
     3  100.41.24.132   11ms  10ms   7ms
     4                   *     *     *
     5 80.239.135.178    9ms  12ms   *
     6   62.115.10.98    6ms  10ms  21ms
     7 45.134.214.101    7ms   8ms  11ms
     8  199.119.65.14    7ms   9ms  16ms
     9  199.119.65.94   13ms  10ms   9ms
 Traceroute for anycast primary IPv4 (45.90.28.0)
     1    192.168.0.1    0ms   0ms   0ms
     2     72.86.37.1   21ms  14ms   5ms
     3  100.41.24.130   11ms   9ms  11ms
     4                   *     *     *
     5 80.239.135.178    9ms  11ms   *
     6 62.115.123.124   10ms   *    17ms
     7                   *     *     *
     8 62.115.138.241   20ms  21ms  28ms
     9 213.248.96.151   28ms  20ms  25ms
    10                   *     *     *
    11                   *     *     *
    12                   *     *     *
    13     45.90.28.0   24ms  17ms  20ms
 Traceroute for anycast secondary IPv4 (45.90.30.0)
     1    192.168.0.1    2ms   2ms   0ms
     2     72.86.37.1   12ms   5ms  10ms
     3  100.41.24.130   13ms   7ms  17ms
     4                   *     *     *
     5 80.239.135.178    *     *    10ms
     6   62.115.10.98   17ms  10ms  19ms
     7 45.134.214.101    9ms  11ms   9ms
     8  199.119.65.14    7ms  12ms   7ms
     9     45.90.30.0   13ms   6ms  12ms
 Do you want to send this report? [Y/n]:
5 replies
- 
  What software are you using for DoH? I am using dnscrypt and it's very fast, same speed as cloudflare.
- 
  Looking at the report, your queries seem to be around 8 and 30ms.
