|
Post by mjgraves on Jul 20, 2015 16:29:18 GMT
I've noted that as my network connection gets faster (presently 50x10 Mbit Comcast Business Class) the user experience is often impacted by poor DNS performance. Does SmallWall cache DNS results? Is there something that I can do that improve DNS performance?
Michael
|
|
|
Post by Lee Sharp on Jul 20, 2015 17:18:15 GMT
Yes, the SmallWall dns forwarder does cache results, but (since it is is memory) it does not cache for a long time. And most web pages actually look up many (often over 20) dns names, so slow resolution hurts a lot. But there are a bunch of things that can help. 1) Make sure on System -> General that DNS setting are not overridden by DHCP. I have Comcast, and Comcast can not run DNS to save their lives... 2) On Services -> DNS forwarder make sure that "Enable All Servers" is checked. This means the first server to answer is used. 3) Install and use NameBench code.google.com/p/namebench/ This will help you find the three fastest servers for your location.
|
|
|
Post by mjgraves on Jul 20, 2015 19:21:36 GMT
Namebench is complaining as follows: At present SmallWall is set as you described. I have the DNS Forwarder disabled. The DNS settings are set to: 76.76.76.76 75.75.75.75 208.67.222.222 The SmallWall is behind a Comcast issued SMC router. In the past I had that device in bridge mode, but it is currently routing. This is because when I dropped static IP some time ago Comcast started to issue me an ipv6 address.
|
|
|
Post by Lee Sharp on Jul 20, 2015 20:09:03 GMT
It looks like comcast is filtering DNS requests at the router. (I have seen that on a few of them.) If that is the case, there is little that cen be done to fix it. It is a challenge to get those SMC gateways out of the way unless you are fully routing a subnet of static IPs. You may want to consider a Motorola SurfBoard SB6141 which is just a dumb device. mydeviceinfo.comcast.net/I have not seen IPv6 forced on anyone yet, especially since SmallWall can be configured to ignore it. What market are you in?
|
|
|
Post by mjgraves on Jul 28, 2015 14:56:46 GMT
I'm in Houston.
After confirming the maximum data rates on the device I ordered the Motorola SurfBoard SB6141.
|
|
|
Post by Lee Sharp on Jul 28, 2015 15:03:57 GMT
Me too. The MicroCenter on 59 has them in stock if you are impatient. And I know this setup works in this market, because I and many of my clients are running it.
|
|
|
Post by mjgraves on Jul 31, 2015 19:30:34 GMT
MicroCenter. Yeah, I used to like that place. Now I dread driving to that part of town. I got spoiled working from home in the Heights. Would prefer to let Amazon handle the delivery.
I've installed the little Motorola SB6141. Got Comcast to activate it. SmallWall gets an IPv4 address and two Comcast DNS entries.
All seems well, except that namebench still complains about DNS interception. I've tried with SmalLWall DNS forwarding both on & off.
Any ideas?
|
|
|
Post by Lee Sharp on Jul 31, 2015 22:31:02 GMT
It could be some anti-malware on your PC. (Or Malware...) I use Linux, so I am getting a different result. I generally use 4.2.2.2 and 198.6.1.1 on mine.
|
|