So your web browsing experience suffers stuttering and you get the impression
that you're losing DNS requests, but every time you fire up
dig to actually
see one failing, it always succeeds.
Debugging DNS problems can get hard - and annoying. The only way to really tell if you've finally nailed down the cause is monitoring all queries and match the replies.
Tracing can be done easily using
tcpdump like so:
$ tcpdump -i eth0 -w dns-capture.pcap "udp port 53"
Using Wireshark you can have a look at the trace but finding the one lost query amoung thousands of others is no fun part there.
In the desperate need of a reliable and efficient analysis for finally fixing DNS drops with my new, crappy ISP I wrote dnsstat.
Simply feed it a PCAP file containing DNS traffic
$ ./dnsstat dns-capture.pcap Queries sent: 309 answered: 307 lost: 2 (0.01%) Delay min: 0.11 ms avg: 66.89 ms max: 1052.54 ms stdev: 206.59 ms
and it will give you an overview of your DNS performance. Using
-v you may
also dump all queries along with their response time.
Sounds handy? Get the code on GitHub.