DNS Performance remotely vs local - Pi-Hole > Unbound

magicdude4eva · July 18, 2021, 11:04am

The issue I am facing:
I am running Pi-Hole + Unbound and I noticed that running DNS Test on the Pi-Hole, I get good performance:

Running it on my MacBook, I get almost same performance as via "outside" DNS (my Pi-Hole is 192.168.1.200):

Running a "dig www.google.com" results in a query-time of 50ms on my MacBook:

Running the same on the Pi-Hole is expected fast:

I am not sure what I am missing. I do not see anything blatantly wrong on the Pi-Hole setup.

Details about my system:
See debug token via: https://tricorder.pi-hole.net/jt58gfflj5

What I have changed since installing Pi-hole:
Nothing - has been running like this for a while, first time I did speed tests.

Bucking_Horn · July 18, 2021, 3:21pm

I see no reason for worries in your observations - they seem perfectly normal.

It is to be expected that a DNS reply takes somewhat longer to reach a client than to reach Pi-hole itself, as at least the latency of the client connection will be accumulated on top of the time an upstream needs to supply that answer.

Also note that if you are using unbound as a full recursive resolver as Pi-hole's upstream, you should expect that first time DNS request for a domain may take longer than using a public resolver (which might be able to supply an answer from its cache).

Coro · July 19, 2021, 7:34am

@Bucking_Horn He point is a different one (if I understood it correctly, at least):

Querying the Pi-hole on the Pi-hole itself (127.0.0.1) for a cached entry is fast as expected: 1ms
Querying the Pi-hole from another device in the same local network (192.168.2.100) but for the same cached entry is very slow: 50 ms

So the question is why his internal network is so slow as the Pi-hole doesn't seem to be the issue here.

@magicdude4eva Is my interpretation correct? Are you sure that your query are cached in this picture?

You queried google.com from your MaxBook and www.google.com locally on the Pi-hole. Pay attention - they are not the same thing as www is a subdomain so requires extra work in the DNS chain!

Please repeat the test a few times alternating between it locally on the Pi-hole and on your Mac and use the identical domain so we can see better if this is systematic.

magicdude4eva · July 19, 2021, 6:38pm

This is correct - I repeated it a few times:

Mac:

vs PiHole:

vs Hassio (IOT device on another VLAN):

I do not see any weird routing either on the Mac:

❯ traceroute 192.168.1.200
traceroute to 192.168.1.200 (192.168.1.200), 64 hops max, 52 byte packets
 1  pi.hole (192.168.1.200)  4.342 ms  1.467 ms  1.426 ms

If I can deliver any other diagnostics, let me know. To me it does feel the issue is with the Mac. I just want to rule out any issue on the PiHole. Networking should be fine - Unifi gear all round with 1Gbs LAN connectivity.

Bucking_Horn · July 19, 2021, 8:33pm

Your dig results would be in line with a longer response time for a first query, followed by shorter ones that Pi-hole could answer straight from its cache.
Pi-hole's Query Log should reveal which replies have been served from its cache.

If that's the case, I'd still say your observations are normal.

system · August 9, 2021, 8:33pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.