First of all, thank you for making this excellent package available and thanks for your hard work :)
I have a query relating to use as a local DNS caching proxy on my home LAN. I noted the other thread where caching was mentioned but the answer was that the reason only a tiny proportion of addresses are returned locally from cache is due to the preset TTL specified for each domain by the referring DNS server. My rough guess is maybe 1 in 1000 hits are getting returned from cache which means there is little advantage in using as a local DNS cache proxy for a private home/local area network. I noted that this may be due (as you mentioned) to the TTL being preset by the authorising server as "0 ms TTL" or perhaps "no cache". Could this behaviour be overridden using a config setting, say, up to a maximum of perhaps 5 or 10 seconds (or 60 seconds) TTL?
Here's an example referring to Facebook where many sequential requests are simply not cached despite being almost simultaneous - (obviously apps.facebook.com must be set to "no cache")...
[26-May-08 11:07:22] Client 192.168.2.101, apps.facebook.com forwarded to Forwarding Server 208.67.222.222
[26-May-08 11:07:22] Client 192.168.2.101, apps.facebook.com resolved from Forwarding server as 69.63.176.15
[26-May-08 11:07:24] Client 192.168.2.101, apps.facebook.com forwarded to Forwarding Server 208.67.222.222
[26-May-08 11:07:24] Client 192.168.2.101, apps.facebook.com resolved from Forwarding server as 69.63.176.15
[26-May-08 11:08:36] Client 192.168.2.101, apps.facebook.com forwarded to Forwarding Server 208.67.222.222
[26-May-08 11:08:36] Client 192.168.2.101, apps.facebook.com forwarded to Forwarding Server 208.67.222.222
[26-May-08 11:08:36] Client 192.168.2.101, apps.facebook.com resolved from Forwarding server as 69.63.176.11
[26-May-08 11:08:36] Client 192.168.2.101, apps.facebook.com resolved from Forwarding server as 69.63.176.11
Say, a 10 second TTL override setting would induce minimal risk for home/hobbyist users yet would mean a substantial decrease in referrals and traffic to the external DNS server (in my case OpenDNS).
Just a thought. Thanks again :)
Hi thanks for posting.
The caching does depend on the TTL sent by the authorized server, but most TTLs are about 600 seconds. Some are about 60 seconds and rarely it is 0. Caching is used more for other computers on the network, like one makes a query from the forwarding server and other network clients can make use of it. It can also be used by the same clients.
I will think over minimum TTL, if it is legal.
Thanks for your suggestion.
Achal
Thanks Achal,
I've been watching my logs using tail and can confirm that some domains consistently fail to cache whereas others consistently return OK from cache rather than referring to the forwarding DNS server.
This is what makes me suspect that there may be some strategy being involved by the originating domain owner which might be feasible to override locally. I can see that where multiple servers are aliased for one domain it may be desirable to set a very short TTL (say, if the server admin is using a DNS round-robin for load balancing?)
I'd guess that this would need to be a feature only for the advanced user who can accept any problems it might raise. I am guessing that very long term TTL overrides would increase the inherent risk from DNS poisoning.
Still, I effectively do a lot of "illegal" fiddling by overriding and blocking using my local hosts file anyway :)
Sorry, I forgot to add. I am running DualServer 6.01 on Win32 (Win2k) ;)
Try Version 6.03, which has this feature.
Hi, thanks :)
(re)Installed 6.03 on Windows 2000 which acts as a local server on my home network
I had a few minor problems.
1) Wasn't sure what would happen with the install. Whether uninstallation was a requirement (assumed yes). Clicked uninstall then found my current config files were overwritten. Maybe a warning to the effect or can the INI file perhaps be backed up during install? Not a huge problem but I had to refill all the old settings I had got working nicely before.
2) The first time I installed, for some reason I ended up with no DualServer.exe so got a service error 2 (file not found) on trying to start the service. No idea what happened there. All of the other files had been copied OK (including a new INI file, oops!).
3) I have experimented with the DNS settings under the timings section but I notice that the DNS expiry is logged as 360000 seconds which seems to be the DHCP expiry in the config file.
I configured... (I assume the value is seconds not milliseconds?)
[TIMINGS]
MinCacheTime=1000
MaxCacheTime=1000
And got this logged. Perhaps it may help?
[29-Jun-08 19:29:54] Starting DNS Service
[29-Jun-08 19:29:54] Forwarding DNS Server: 208.67.222.222
[29-Jun-08 19:29:54] Forwarding DNS Server: 208.67.220.220
[29-Jun-08 19:29:54] DNS Service Permitted Hosts: 192.168.2.1-192.168.2.254
[29-Jun-08 19:29:54] DNS Service Permitted Hosts: 192.168.3.1-192.168.3.254
[29-Jun-08 19:29:54] DNS Expiry: 360000 (sec)
[29-Jun-08 19:29:54] Server Name: Kerys
[29-Jun-08 19:29:54] Domain Name: techies
[29-Jun-08 19:29:54] Listening On: 192.168.2.100
[29-Jun-08 19:29:54] Logging: All
Also, most of the names are still being resolved from the forwarding DNS server so I must assume their TTL is set to zero and this is still being honoured by DualServer. (I note there the fact that the workstation will cache names locally for a short while).
Regards, Max
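The trade-off discussed in this thread (a TTL floor so that 0-TTL names get cached, a ceiling so that a bad answer cannot be pinned for long), as an added example that is not DualServer's code and not from any poster. It assumes MinCacheTime and MaxCacheTime are seconds applied as a clamp on the upstream TTL; the class name `ClampedDnsCache` and the 10/600 values are illustrative.

```python
import time


class ClampedDnsCache:
    """Forwarder-style cache that clamps the upstream TTL (hypothetical name)."""

    def __init__(self, min_ttl, max_ttl, clock=time.monotonic):
        if min_ttl < 0 or min_ttl > max_ttl:
            raise ValueError("need 0 <= min_ttl <= max_ttl")
        self.min_ttl = min_ttl
        self.max_ttl = max_ttl
        self.clock = clock
        self._entries = {}  # lower-cased name -> (address, expiry time)

    def effective_ttl(self, upstream_ttl):
        # Floor: a 0-TTL answer is still kept for min_ttl seconds.
        # Ceiling: no answer, genuine or forged, outlives max_ttl seconds.
        return max(self.min_ttl, min(upstream_ttl, self.max_ttl))

    def store(self, name, address, upstream_ttl):
        expires = self.clock() + self.effective_ttl(upstream_ttl)
        self._entries[name.lower()] = (address, expires)

    def lookup(self, name):
        key = name.lower()
        entry = self._entries.get(key)
        if entry is None:
            return None
        address, expires = entry
        if self.clock() >= expires:
            del self._entries[key]  # expired: the next query goes upstream
            return None
        return address


def demo():
    """10 s floor, 600 s ceiling, driven by a fake clock instead of sleeping."""
    now = [0]
    cache = ClampedDnsCache(10, 600, clock=lambda: now[0])
    cache.store("apps.facebook.com", "69.63.176.15", upstream_ttl=0)
    now[0] = 9
    inside_floor = cache.lookup("apps.facebook.com")  # served from cache
    now[0] = 10
    after_floor = cache.lookup("apps.facebook.com")   # expired, forward again
    return inside_floor, after_floor, cache.effective_ttl(86400)


if __name__ == "__main__":
    print(demo())
```

The floor is also the longest a stale round-robin address is served after the owner changes it, and the ceiling is the longest a poisoned answer can persist in this cache.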
Yep,
6.03 did the trick. :) The DNS appears to have settled down now so I guess I had a flurry of non-cacheable addresses I was seeing. Now performing well and returning a good percentage from the cache and reducing external references. Seeing it perform well with Facebook which reads umpteen external DNS references from many sites per individual page. (This is even with some external sites blocked by using the local hosts file to block em)
Many thanks :) Max
Example of good performance:
--------------------------------
[30-Jun-08 19:47:43] Client 192.168.2.101, photos-026.ll.facebook.com resolved from Forwarding server as 87.248.218.108
[30-Jun-08 19:47:43] Client 192.168.2.101, photos-c.ak.facebook.com resolved from Cache to 86.53.218.99
[30-Jun-08 19:47:43] Client 192.168.2.101, photos-c.ak.facebook.com resolved from Cache to 86.53.218.99
[30-Jun-08 19:47:45] Client 192.168.2.101, photos-a.ak.facebook.com resolved from Cache to 86.53.218.96
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-a.ak.facebook.com resolved from Cache to 86.53.218.96
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-d.ak.facebook.com resolved from Cache to 86.53.218.51
[30-Jun-08 19:47:49] Client 192.168.2.101, profile.ak.facebook.com resolved from Cache to 217.243.192.27
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-607.ll.facebook.com forwarded to Forwarding Server 208.67.220.220
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-607.ll.facebook.com resolved from Forwarding server as 87.248.218.20
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-b.ak.facebook.com resolved from Cache to 86.53.218.129
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-h.ak.facebook.com resolved from Cache to 86.53.218.51
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-e.ak.facebook.com resolved from Cache to 86.53.218.96
[30-Jun-08 19:47:49] Client 192.168.2.101, photos-954.ll.facebook.com resolved from Cache to 87.248.217.184
[30-Jun-08 19:47:52] Client 192.168.2.101, photos-f.ak.facebook.com resolved from Cache to 86.53.218.129
[30-Jun-08 19:47:53] Client 192.168.2.101, photos-h.ak.facebook.com resolved from Cache to 86.53.218.51
[30-Jun-08 19:47:54] Client 192.168.2.101, profile.ak.facebook.com resolved from Cache to 217.243.192.27
[30-Jun-08 19:47:54] Client 192.168.2.101, photos-e.ak.facebook.com resolved from Cache to 86.53.218.96
[30-Jun-08 19:47:54] Client 192.168.2.101, profile.ak.facebook.com resolved from Cache to 217.243.192.27
[30-Jun-08 19:47:57] Client 192.168.2.101, photos-d.ak.facebook.com resolved from Cache to 86.53.218.51
[30-Jun-08 19:47:58] Client 192.168.2.101, apps.facebook.com resolved from Cache to 69.63.176.15
[30-Jun-08 19:47:58] Client 192.168.2.101, photos-h.ak.facebook.com resolved from Cache to 86.53.218.51
[30-Jun-08 19:47:58] Client 192.168.2.101, profile.ak.facebook.com resolved from Cache to 217.243.192.27
[30-Jun-08 19:47:58] Client 192.168.2.101, profile.ak.facebook.com resolved from Cache to 217.243.192.27
[30-Jun-08 19:47:59] Client 192.168.2.101, photos-292.ll.facebook.com forwarded to Forwarding Server 208.67.220.220
[30-Jun-08 19:48:00] Client 192.168.2.101, photos-292.ll.facebook.com resolved from Forwarding server as 87.248.212.81
[30-Jun-08 19:48:01] Client 192.168.2.101, photos-e.ak.facebook.com resolved from Cache to 86.53.218.96
[30-Jun-08 19:48:03] Client 192.168.2.101, photos-d.ak.facebook.com resolved from Cache to 86.53.218.51
[30-Jun-08 19:48:03] Client 192.168.2.101, photos-h.ak.facebook.com resolved from Cache to 86.53.218.51
-------------------------------------------
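A way to measure the cache hit rate instead of estimating it by eye, as an added example that is not part of the original posts or of DualServer. It parses the log line format shown in this thread, counts answers served from cache versus from the forwarding server per name, and lists names that resolved to more than one address (the round-robin case where a TTL floor can serve a stale address). The function names are illustrative.

```python
import re
from collections import defaultdict

# Matches the per-query lines of the log format shown in this thread.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] Client (?P<client>\S+), (?P<name>\S+) "
    r"(?P<event>forwarded to Forwarding Server|"
    r"resolved from Forwarding server as|resolved from Cache to) "
    r"(?P<addr>\S+)$"
)

# Sample input: lines copied from the logs posted in this thread.
SAMPLE_LOG = """\
[26-May-08 11:07:22] Client 192.168.2.101, apps.facebook.com forwarded to Forwarding Server 208.67.222.222
[26-May-08 11:07:22] Client 192.168.2.101, apps.facebook.com resolved from Forwarding server as 69.63.176.15
[26-May-08 11:08:36] Client 192.168.2.101, apps.facebook.com forwarded to Forwarding Server 208.67.222.222
[26-May-08 11:08:36] Client 192.168.2.101, apps.facebook.com resolved from Forwarding server as 69.63.176.11
[30-Jun-08 19:47:43] Client 192.168.2.101, photos-c.ak.facebook.com resolved from Cache to 86.53.218.99
[30-Jun-08 19:47:43] Client 192.168.2.101, photos-c.ak.facebook.com resolved from Cache to 86.53.218.99
[30-Jun-08 19:47:58] Client 192.168.2.101, apps.facebook.com resolved from Cache to 69.63.176.15
[30-Jun-08 19:47:59] Client 192.168.2.101, photos-292.ll.facebook.com forwarded to Forwarding Server 208.67.220.220
[30-Jun-08 19:48:00] Client 192.168.2.101, photos-292.ll.facebook.com resolved from Forwarding server as 87.248.212.81
"""


def summarize(log_text):
    """Return {name: {"cache": n, "upstream": n, "addresses": set}}."""
    stats = defaultdict(lambda: {"cache": 0, "upstream": 0, "addresses": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # startup banner and any other line types
        event = m["event"]
        if event.startswith("forwarded"):
            continue  # outgoing query; the matching answer line is counted
        entry = stats[m["name"].lower()]
        entry["cache" if "Cache" in event else "upstream"] += 1
        entry["addresses"].add(m["addr"])
    return dict(stats)


def hit_ratio(stats):
    """Fraction of answered queries that were served from cache."""
    cache = sum(s["cache"] for s in stats.values())
    total = cache + sum(s["upstream"] for s in stats.values())
    return cache / total if total else 0.0


def never_cached(stats):
    return sorted(n for n, s in stats.items() if s["cache"] == 0)


def multi_address(stats):
    return sorted(n for n, s in stats.items() if len(s["addresses"]) > 1)


if __name__ == "__main__":
    s = summarize(SAMPLE_LOG)
    print(hit_ratio(s), never_cached(s), multi_address(s))
```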