On Thu, 2007-08-09 at 04:30 -0500, Linus Ulrick wrote: > I have fully qualified domain: afolkey2.net. It can USUALLY be found > thusly: > http://www.afolkey2.net > > Tonight when I came home from work, I started seeing problems with > pages loading. Try the following to see what I mean: > http://www.afolkey2.net/awstats/awstats.pl?config=www.afolkey2.net > http://www.afolkey2.net/gallery2/main.php The website didn't load, first go, here. But the stats page did. Very odd. Both did eventually load, but both slowly. Though, since the pages I had to look at were all "generated" things (stats and photo galleries), that's not uncommon. Such things are often painfully slow, in my experience. It should be noted that making stats public can subject you to referrer spam: Spammers linking to your pages, hoping to turn up in your stats, and hoping that you publish your stats, or publish what refers to you in some other way, so that you give them free advertising. You can get deluged by them, and some quite unsavoury things, too. > I use the free dynamic dns service from dnsexit.com. The nameservers > that they have me point my domain to are as follows: > ns1.dnsexit.com > ns2.dnsexit.com > > When I noticed the severe issues described above, I ran "ping" on each > of those two servers. The edited results of "ping ns1.dnsexit.com" > look something like this: > PING ns1.dnsexit.com (63.223.76.173) 56(84) bytes of data. > 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=1 ttl=48 time=417 ms > 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=2 ttl=48 time=436 ms > 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=3 ttl=48 time=375 ms > 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=4 ttl=48 time=349 ms > 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=5 ttl=48 time=258 ms [tim@bigblack ~]$ ping ns1.dnsexit.com PING ns1.dnsexit.com (63.223.76.173) 56(84) bytes of data. 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=1 ttl=55 time=227 ms 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=2 ttl=55 time=227 ms 64 bytes from ns1.dnsexit.com (63.223.76.173): icmp_seq=3 ttl=55 time=226 ms I got fairly consistent results for either name server, and fairly similar ones for the webserver address: [tim@bigblack ~]$ ping afolkey2.net PING afolkey2.net (74.134.123.247) 56(84) bytes of data. 64 bytes from 74-134-123-247.dhcp.insightbb.com (74.134.123.247): icmp_seq=1 ttl=132 time=258 ms 64 bytes from 74-134-123-247.dhcp.insightbb.com (74.134.123.247): icmp_seq=2 ttl=132 time=257 ms 64 bytes from 74-134-123-247.dhcp.insightbb.com (74.134.123.247): icmp_seq=3 ttl=132 time=260 ms It should also be noted that pinging a machine is quite a different thing than using some other service on it. You can get good or bad ping responses that are contrary to how their services respond. All a ping test is how they respond to pings. :-\ I did a "dig" on your domain name, which is just looking up domain records, the thing that you need to test, and got the following response: [tim@bigblack ~]$ dig www.afolkey2.net ; <<>> DiG 9.4.1-P1 <<>> www.afolkey2.net ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58276 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.afolkey2.net. IN A ;; ANSWER SECTION: www.afolkey2.net. 120 IN CNAME afolkey2.net. afolkey2.net. 120 IN A 74.134.123.247 ;; AUTHORITY SECTION: afolkey2.net. 120 IN NS ns1.dnsexit.com. afolkey2.net. 120 IN NS ns2.dnsexit.com. ;; ADDITIONAL SECTION: ns1.dnsexit.com. 172799 IN A 63.223.76.173 ns2.dnsexit.com. 172799 IN A 64.182.102.188 ;; Query time: 890 msec ;; SERVER: 192.168.1.2#53(192.168.1.2) ;; WHEN: Thu Aug 9 19:15:18 2007 ;; MSG SIZE rcvd: 143 Which, while being about four times longer to complete (the query time) than looking up some other domains I just tried (around 200 mS instead of around 900 mS), is still not terribly slow. Certainly not as slow as their webserver was to respond. So, I'd be more concerned about things other than their DNS servers. You probably also want to do some tests on the HTTP server response time, but I don't have anything to tell you how to test that. That's response time, more than download speed. People will put up with things taking a little while to finish downloading, so long as they start fairly promptly. > when I ran "ping ns2.dnsexit.com" that the server that appeared to be > the one that was queried is "nd188.dnsexit.com", not "ns2.dnsexit.com" The same here, but forward and reverse name look ups don't have to match (a fact often overlooked by some overzealous anti-spam people). It's quite likely that whatever does their second name server does more than just be a name server, and they might have named the device for that purpose rather than just the name serving feature. [tim@bigblack ~]$ dig +short ns1.dnsexit.com 63.223.76.173 [tim@bigblack ~]$ dig +short -x 63.223.76.173 ns1.dnsexit.com. [tim@bigblack ~]$ dig +short ns2.dnsexit.com 64.182.102.188 [tim@bigblack ~]$ dig +short -x 64.182.102.188 nd188.dnsexit.com. However, this is revealing (below). There's no A record (or any answer) to trying to find out the IP for their second name server, by the other domain name. That could well be a problem, it's just as well that's their second name server, not the first one. [tim@bigblack ~]$ dig nd188.dnsexit.com ; <<>> DiG 9.4.1-P1 <<>> nd188.dnsexit.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50072 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;nd188.dnsexit.com. IN A ;; AUTHORITY SECTION: dnsexit.com. 1195 IN SOA ns2.dnsexit.com. admin.netdorm.com. 2000060701 12000 2400 604800 1200 ;; Query time: 15 msec ;; SERVER: 192.168.1.2#53(192.168.1.2) ;; WHEN: Thu Aug 9 19:37:16 2007 ;; MSG SIZE rcvd: 89 You might bring that to their attention, and ask them if they know why things are running slowly at the moment. > If nothing else, I THINK I can safely assume that they are having some > issues on their end. Nonetheless, do any of you have any suggestions > about free dynamic DNS services that you have had good fortune with? I occasionally use no-ip.com, which I see is slightly faster at responding (667 mS). But then that's the speed between me and them, and will be different between them and someone else. Likewise, with yours. -- [tim@bigblack ~]$ uname -ipr 2.6.22.1-41.fc7 i686 i386 Using FC 4, 5, 6 & 7, plus CentOS 5. Today, it's FC7. Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
