Recursive lookups and DNS servers

[ocky]

Am on 4Mbps with Telkom the ISP. Ever since I can remember the DNS servers in the Netgear router config was/is
196.25.1.11
196.25.1.9
However I always use a proxy in the browsers; 196.25.253.13:8080 or dsl-cache.saix.net:8080 otherwise
download speed drops dramatically.

( I am in George and tried 196.43.46.190 primary and 196.43.50.190 secondary as per sticky thread,
but the speeds without a browser proxy are also terrible ).


Now I don't understand much about these things, and find the following statement only adding to my confusion:-
http://www.saix.net/cgi-bin/saix_dns.pl

Dial-Up, ADSL, WiMax, VSAT and WCDMA users should please use the dynamicly assigned DNS information when logging in. Other users should use the Recursive Caching only DNS servers closest to your location for general recursive queries when configuring your client.

DO NOT use igubu.saix.net, sangoma.saix.net and induna.saix.net for recursive lookups. Recursion have been disabled as of 1 February 2010 as communicated on the SAIX Noticeboard on reference NN0004189.

Firstly, I can't see 196.25.1.11 (only 196.25.1.1).

Then in view of the above quote, it appears that I should use dynamically assigned DNS servers. Should I therefore tick
that option in the router page ?

In a nutshell, what do you recommend I do ? When using either of the browser proxies all is fine and I get ± 3.5+ Mbps on my 4 Mbps
line, but why do speeds drop so dramatically without those proxies ?

Also I don't really know what recursive lookups are and whether or not there are advantages to using a recursive DNS server(s).

 

[fragtion]

DNS and HTTP Proxy are two completely different things. I'm not sure why you are conflating them into one post as that will likely confuse most respondents

Regarding the DNS:

You can't "see" 192.25.1.11, probably because you are trying to ping it, and SAIX have disabled ICMP on those servers. However, the server is still up and responds fine to nslookup requests

As for whether or not you should use dynamically assigned DNS servers, all that the quoted statement from the Telkom website you are confused about basically says, is that users should rather use the dynamically assigned DNS servers for best results. Indeed it would be preferred to do that under most circuimstances

Personally, I prefer to have control over my DNS servers. I'm in Johannesburg, so when using Telkom/SAIX as my ISP, I use 196.43.1.11 (ns2.saix.net) which is based in Rosebank (Gauteng), as my primary, and 196.25.1.11 (ns1.saix.net) which is based in Bellville (Western Cape). I've been doing this for years and years and it's always worked for me.

Since you're based in the cape, you could just switch those primary and secondaries around for slightly improved responsiveness.

You don't need to worry about the recursive lookups terminology - all that basically implies is that the recursive server has a master server as its own lookup source, and that it may be caching requests.

Regarding the proxies:

I have also noticed that SAIX transparently intercepts all web traffic into their cache network which has a distributed presence throughout the country. The problem is that the primary proxy which does this transparent interception, also seems to limit each TCP connection to 512kbps throughput. This is extremely deceptive, and probably a good case to raise with the ASA, as it undermines Telkom's claim that they are offering the likes of 10, 20, and 40Mbps services if they end up throttling HTTP traffic to a consistent low 512kbps. I've raised this issue before OVER HERE, but nothing seems to have been done about it specifically as yet. As you've discovered, it is possible to bypass the transparent proxy and directly connect to another proxy which may not be imposing these throughput limits. So, just keep doing that. DNS won't have any effect on this...

 

[ocky]

DNS and HTTP Proxy are two completely different things. I'm not sure why you are conflating them into one post as that will likely confuse most respondents

Regarding the DNS:

You can't "see" 192.25.1.11, probably because you are trying to ping it, and SAIX have disabled ICMP on those servers. However, the server is still up and responds fine to nslookup requests

Thanks for your comprehensive reply fragtion. Re. the above I simply meant that it is not listed here
so thought it may be obsoleted.
OK, I will just continue as is, i.e. making use of the http proxies. Btw. I see there are also DNS servers from IS ...
168.210.2.2 ( Cached )
196.14.239.2 ( Cached )
Wonder whether those are an improvement.

 

[fragtion]

Btw. I see there are also DNS servers from IS ...
168.210.2.2 ( Cached )
196.14.239.2 ( Cached )
Wonder whether those are an improvement.

I'd say the most important thing to do here is use DNS servers hosted at the ISP you're using. A lot of people use the Google DNS or OpenDNS servers. I tend to discourage that because: 1) they are hosted internationally, which means 150ms+ for every dns query, and 2) by using a foreign DNS server (not that from your ISP) you will not receive all the speed benefits of mirror services hosted by that ISP - for example AKAMAI and Google Global Cache local presence

This also applies if you try to use IS's DNS servers on a Telkom account -- IS and SAIX each have their own Google Cache servers, and those servers reject clients which are not from their own network... So if you use IS's DNS server on a Telkom account, you may experience bad results when trying to use those services such as YouTube

 

[ocky]

Yes, that makes sense. Thanks again fragtion, your knowledge on this subject is something I still need to acquire.

 

[ocky]

Yes, that makes sense. Thanks again fragtion, your knowledge on this subject is something I still need to acquire.

New situation. As mentioned in my first post I use http proxies to speed up my browsing. Using no http proxy in the browsers and relying on the primary and secondary DNS Telkom servers makes for a miserable browsing experience.
Now, since about 14 days ago, using the undermentioned http proxies results in a message on web pages "Forbidden by access control policy" This usually happens in the mornings and on weekends and does not affect https secure sites.
The http proxies I use are as shown below .. not sure exactly what the output all means;-

196.25.253.13:8080

$ host 196.25.253.13
13.253.25.196.in-addr.arpa domain name pointer ndf-cache1.saix.net.

nslookup 196.25.253.13
Server:		196.25.1.11
Address:	196.25.1.11#53

Non-authoritative answer:
13.253.25.196.in-addr.arpa	name = ndf-cache1.saix.net.

Authoritative answers can be found from:
25.196.in-addr.arpa	nameserver = sabela.saix.net.
25.196.in-addr.arpa	nameserver = sangoma.saix.net.
25.196.in-addr.arpa	nameserver = induna.saix.net.
25.196.in-addr.arpa	nameserver = igubu.saix.net.
igubu.saix.net	internet address = 196.25.1.1
induna.saix.net	internet address = 196.43.1.14
sabela.saix.net	internet address = 196.43.1.9
sangoma.saix.net	internet address = 196.25.1.9





dsl-cache.saix.net:8080

$ host dsl-cache.saix.net
dsl-cache.saix.net is an alias for ndf-cache1-vif0.saix.net.
ndf-cache1-vif0.saix.net has address 196.43.9.21


$ nslookup dsl-cache.saix.net
Server:		196.25.1.11
Address:	196.25.1.11#53

Non-authoritative answer:
dsl-cache.saix.net	canonical name = ndf-cache1-vif0.saix.net.
Name:	ndf-cache1-vif0.saix.net
Address: 196.43.9.21

Are there any other http proxies I can use, and what could be the problem ?

 

[fragtion]

If you want my added 2c on that, I'd say you should probably save yourself any further hassle / grey hair and rather just switch to another ISP which doesn't essentially throttle all proxy-less HTTP traffic to 512Kbps (ie who aren't adamant on staying in the stone age). Bandwidth is surprisingly cheaper these days and it's cheap/easy to test various ISP's networks out by trying their entry-level capped packages. Afrihost and Webafrica, and I'm sure a couple other ISP's do offer free 1gb accounts

 

[Thomasac11]

The fastest DNS Servers in South Africa are 196.41.0.11 whish is dnscache2.datapro co.za and strangely enough 196.2.45.101 which is hurricane.mweb.co.za.dataPro is about 30% faster than Mweb.Third is Afrihost but that is someway back.

 

[fragtion]

The fastest DNS Servers in South Africa are 196.41.0.11 whish is dnscache2.datapro co.za and strangely enough 196.2.45.101 which is hurricane.mweb.co.za.dataPro is about 30% faster than Mweb.Third is Afrihost but that is someway back.

Interesting, but I guess that it could also heavily depend on who your ISP is though, and how efficient the routing is between that ISP and the servers you mentioned. Is VOX your ISP by any chance? That could explain the speedy service you get from dnscache2.datapro.co.za. Also since it's a caching DNS server, there's a good chance your query is already sitting in the memory cache on that server which would explain why it seems to resolve so quickly. Caching has its advantages and disadvantages of course, and in some cases it would be better to work with a DNS server that is less cache-reliant but provides more up-to-date results - with the natural side effect of being delayed by a couple more milliseconds as required to initiate the query from the parent peers
It's _usually_ best practice to stick to your ISP's allocated DNS servers or at least some DNS server on that same network - that way, in times where the peers may be congested or severed, you'll still have service; and you will also benefit from any locally hosted mirrors that your ISP provides such as its Akamai or GGC servers... But ya ;D Gonna test those ones you posted out and see if I witness any noticable improvements, regardless - thanks for sharing