Hi,
after a while we noticed that our DNS resolution is not always fast as expected, so I tried few test using nslookup from my computer behind Omnia and noticed that resolving new DNS names often for the first time causes time out and following request for same name is immediately returned correctly, for example here for microsoft.co.uk domain:
> microsoft.co.uk.
Server: UnKnown
Address: fde2:58dd:b908::1
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
> microsoft.co.uk.
Server: UnKnown
Address: fde2:58dd:b908::1
Non-authoritative answer:
Name: microsoft.co.uk
Addresses: 23.101.184.206
104.40.191.237
104.43.142.34
191.235.218.166
191.237.78.58
So I’ve tried to disable DNSSEC validation in foris and after that I haven’t noticed any timeout any more, but as proposed by foris, I’d like to avoid completely disabling DNSSEC validation. Forwarding is in administration turned off.
Is there anything I can try to change in order to get rid of timeouts and keep DNSSEC validation enabled?
Thank you. This domain really does take roughly 3 sec. to resolve on Omnia. We will look into the issue.
Forwarding would most likely avoid that delay, but forwarding before Omnia 3.8 won’t do (local) DNSSEC validation. Since upcoming 3.8 there will be kresd > 1.3 that does validate even when forwarding, by default.
@vcunat Thank you, it helped with DNS resolution. But as I started changing router configuration, as @Nones mentioned HE.net, I finally registered there and replaced my previous SixXS tunnel with the one from HE and with this IPv6 connectivity is DNS also working fast once again.