RouterOS 6.33.3 delay in dns queries for certain domains

redskilldough · Mon Jan 04, 2016 1:10 pm

There is a significant delay in dns queries to the router for certain domains that should have a servfail reply.

Eg. http://www.duckdns.org

One doing nslookup for the above named domain on 8.8.8.8, I get a very quick reply. With debug on, here is the reply, point being the response is very quick.

> www.duckdns.org
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

------------
SendRequest(), len 33
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        www.duckdns.org, type = A, class = IN

------------
------------
Got answer (49 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        www.duckdns.org, type = A, class = IN
    ANSWERS:
    ->  www.duckdns.org
        type = A, class = IN, dlen = 4
        internet address = 52.24.195.93
        ttl = 18 (18 secs)

------------
Non-authoritative answer:
------------
SendRequest(), len 33
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        www.duckdns.org, type = AAAA, class = IN

------------
------------
Got answer (33 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        www.duckdns.org, type = AAAA, class = IN

------------
Name:    www.duckdns.org
Address:  52.24.195.93

There is no AAAA address for the domain, but the server still replies quickly with SERVFAIL.

However, when I run the same thing, using the router dns server, there is a significant delay. It does not send a SERVFAIL reply for the AAAA record, so the dns client waits till it times out. Hence, opening http://www.duckdns.org is significantly delayed.

> www.duckdns.org
Server:  [192.168.0.1]
Address:  192.168.0.1

------------
SendRequest(), len 33
    HEADER:
        opcode = QUERY, id = 5, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        www.duckdns.org, type = A, class = IN

------------
------------
Got answer (49 bytes):
    HEADER:
        opcode = QUERY, id = 5, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        www.duckdns.org, type = A, class = IN
    ANSWERS:
    ->  www.duckdns.org
        type = A, class = IN, dlen = 4
        internet address = 52.24.195.93
        ttl = 19 (19 secs)

------------
Non-authoritative answer:
------------
SendRequest(), len 33
    HEADER:
        opcode = QUERY, id = 6, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        www.duckdns.org, type = AAAA, class = IN

------------
DNS request timed out.
    timeout was 2 seconds.
timeout (2 secs)
SendRequest failed
Name:    www.duckdns.org
Address:  52.24.195.93

There is no SERVFAIL reply from routerOS dns server, so there is a delay, followed by a request timeout for the AAAA record.

redskilldough · Tue Feb 02, 2016 10:08 am

More info:

The delay on going to the www.duckdns.org website is only seen when we are running dual stack, both ipv4 and ipv6 together.
There is no delay if we only use ipv4 on the network

RouterOS 6.33.3 delay in dns queries for certain domains

RouterOS 6.33.3 delay in dns queries for certain domains

Re: RouterOS 6.33.3 delay in dns queries for certain domains

Who is online