Very slow DNS resolution

tbhaxor · 26 May 2025 13:40

I have installed Manjaro in my new system afresh, but DNS resolution is too slow making internet browsing slow.

$ time ping -4 -c2 google.com                                                                                           130 ↵
PING google.com (142.250.194.46) 56(84) bytes of data.
64 bytes from del12s02-in-f14.1e100.net (142.250.194.46): icmp_seq=1 ttl=118 time=11.1 ms
64 bytes from del12s02-in-f14.1e100.net (142.250.194.46): icmp_seq=2 ttl=118 time=12.8 ms

--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 11.065/11.921/12.778/0.856 ms
ping -4 -c2 google.com  0.00s user 0.00s system 0% cpu 6.035 total

$ time ping -4 -c2 142.250.194.46
PING 142.250.194.46 (142.250.194.46) 56(84) bytes of data.
64 bytes from 142.250.194.46: icmp_seq=1 ttl=118 time=11.0 ms
64 bytes from 142.250.194.46: icmp_seq=2 ttl=118 time=11.2 ms

--- 142.250.194.46 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 11.029/11.093/11.158/0.064 ms
ping -4 -c2 142.250.194.46  0.00s user 0.00s system 0% cpu 1.014 total

I am using wireless network, and confirmed the strength of wireless link is strong.

$ inxi -nz
Network:
  Device-1: Intel Cannon Lake PCH CNVi WiFi driver: iwlwifi
  IF: wlo1 state: up mac: <filter>
  Device-2: Realtek RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet
    driver: r8169
  IF: enp3s0 state: down mac: <filter>
  IF-ID-1: br-6d4797324e30 state: down mac: <filter>
  IF-ID-2: docker0 state: down mac: <filter>

$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 59.144.144.45
nameserver 8.8.8.8
nameserver fe80::1%wlo1

Pille · 26 May 2025 13:52

The first DNS server is located in India and belongs to Bharti Broadband. Maybe not the fastest one?

tbhaxor · 26 May 2025 14:10

Yes, I commented out the name-server and it’s better now. Apparently, shortest distance is not only criteria for the faster resolution.

Pille · 26 May 2025 14:16

For sure not.
The Google nameservers (your second entry) are load balanced, therefore they are almost always faster as many provider specific servers.

You can also use 1.1.1.1 which is provided by Cloudflare or 9.9.9.9 by Quad9
If you want a bit more privacy, you can consider using NextDNS

Ben · 27 May 2025 02:15

@tbhaxor @cscs worked up a little script that will dig up some information about dns:d I’d say it’s defnitely worth your time:

bash <(curl -s https://gitlab.com/cscs/dnsdig/-/raw/main/dnsdig)

You can copy/paste that and use it in your terminal (not fish) and get some interesting feedback.

My output:



Current DNS 1.1.1.1
Avg time:  3.33333 ms

Cloudflare 1.1.1.1
Avg time:  3 ms

Quad9 9.9.9.9
Avg time:  4.33333 ms

Google 8.8.8.8
Avg time:  23.3333 ms

Level3/Lumen 209.244.0.3
Avg time:  25.3333 ms

OpenDNS/Cisco 208.67.222.222
Avg time:  25.3333 ms

AdGuard 94.140.14.14
Avg time:  26 ms

FlashStart 185.236.104.104
Avg time:  26.3333 ms

CleanBrowsing 185.228.168.9
Avg time:  26.6667 ms

Comodo 8.26.56.26
Avg time:  26.6667 ms

Control-D 76.76.2.2
Avg time:  27.6667 ms

DNSFilter 103.247.36.36
Avg time:  28 ms

Mullvad 194.242.2.2
Avg time:  61.3333 ms

NextDNS 45.90.28.105
Avg time:  75.6667 ms

Gcore 95.85.95.85
Avg time:  108.333 ms

SafeDNS 195.46.39.39
Avg time:  184.667 ms

UltraDNS/Vercara 64.6.64.6
Avg time:  202.333 ms

dns0.eu 193.110.81.0
Avg time:  234.667 ms

Dyn/Oracle 216.146.35.35
Avg time:  260 ms

tracyanne · 27 May 2025 03:47

With or without this…

./dnstest TESTDNS

and regardless of Yes or No here…

 Do you wish to flush the DNS cache (y/N)? n

[tracy@daphne .bin]$ ./dnstest TESTDNS

 Test common resolvers by calculating average response times of 3 queries.

-------------------------------------------------------------------                                   
DNS               Primary          Secondary
                                   
AdGuard           94.140.14.14     94.140.15.15
CleanBrowsing     185.228.168.9    185.228.169.9
Cloudflare        1.1.1.1          1.0.0.1
Comodo            8.26.56.26       8.20.247.20
Control-D         76.76.2.2        76.76.10.2
dns0.eu           193.110.81.0     185.253.5.0
DNSFilter         103.247.36.36    103.247.37.37
Dyn/Oracle        216.146.35.35    216.146.36.36
FlashStart        185.236.104.104  185.236.105.105
Gcore             95.85.95.85      2.56.220.2
Google            8.8.8.8          8.8.4.4
Level3/Lumen      209.244.0.3      209.244.0.4
Mullvad           194.242.2.2      194.242.2.3
NextDNS           45.90.28.105     45.90.30.105
OpenDNS/Cisco     208.67.222.222   208.67.220.220
Quad9             9.9.9.9          149.112.112.112
SafeDNS           195.46.39.39     195.46.39.40
UltraDNS/Vercara  64.6.64.6        64.6.65.6
                                   
-------------------------------------------------------------------

 Do you wish to flush the DNS cache (y/N)? n

Current DNS 100.64.0.31
Avg time:  189.333 ms

Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
Error: error sending query: Error creating socket
AdGuard 94.140.14.14

CleanBrowsing 185.228.168.9

Cloudflare 1.1.1.1

Comodo 8.26.56.26

Control-D 76.76.2.2

dns0.eu 193.110.81.0

DNSFilter 103.247.36.36

Dyn/Oracle 216.146.35.35

FlashStart 185.236.104.104

Gcore 95.85.95.85

Google 8.8.8.8

Level3/Lumen 209.244.0.3

Mullvad 194.242.2.2

NextDNS 45.90.28.105

OpenDNS/Cisco 208.67.222.222

Quad9 9.9.9.9

SafeDNS 195.46.39.39

UltraDNS/Vercara 64.6.64.6

Probably because of VPN.

tbhaxor · 27 May 2025 05:22

Ohk, so restarting NetworkManager reverts /etc/resolv.conf. Any solution to this?

Pille · 27 May 2025 05:29

Which UI are you using? If KDE you can set the DNS by switching the IP configuration from “automatic” to “manual” and enter the DNS servers there.

tbhaxor · 27 May 2025 05:32

I am gnome.

Pille · 27 May 2025 05:34

Well, not really interesting if running on my manjaro install. Same on a Raspberry with default Raspberry OS installation:

[xxx@xxx ~]$ bash <(curl -s https://gitlab.com/cscs/dnsdig/-/raw/main/dnsdig)
No capable digger found
[xxx@xxx ~]$

There should be a similar setting available. I do not have a Gnome installation here

Nachlese · 27 May 2025 07:34

The DNS servers are advertized by your router - and this in turn get’s them from your ISP.

They may not be the fastest - as you noticed.
There are two, as you saw from

cat /etc/resolv.conf

The first one is always used - only if that doesn’t respond after some timeout, the second one is used.

To use the DNS of your choice, you can either change that in your routers configuration interface,
which may not be possible if you don’t own it or have access to it.

The much easier way is to use the NetworkManager GUI by clicking the icon in the panel or access the settings through System Settings → Network

click the little gear icon next to the network
go to the third tab (IPv4) and to the fourth (IPv6)
select the “manual” method instead of the currently active “automatic”
and put in your preferred DNS server address, or two, separated by a comma
done

The interface in Gnome looks a bit different than in Xfce or KDE, but the general structure and procedure is the same everywhere in all of these DE’s when NetworkManager is used.

Ben · 27 May 2025 13:44

From the gitlab:
A little script using dig or drill to measure response times of DNS resolvers.

So you need dig which happens to be part of the bind package:

yay -S bind

Should be good to go

system · 30 May 2025 13:44

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.