dns_query_time_query_time
DNS
This alert presents the average DNS query round trip time (RTT) over the last 10 seconds.
If the DNS query exceeds a time limit to complete its operation (aka if it times out), then the alert is raised into warning.
What is Round Trip Time?
In networking, round-trip time (RTT), also known as round-trip delay time (RTD) is defined as
a metric that measures in milliseconds the amount of time it takes for a data packet to be
sent plus the amount of time it takes for acknowledgement of that signal to be received. This
time delay includes propagation times for the paths between the two communication endpoints.1
What is the main cause of DNS Latency?
-
Cache misses
Even if a resolver can provide very good cache hit latency, cache misses are unavoidable and are
very costly in terms of latency.“Cache hits” is the terminology used for when a system asks a resolver about some data and the
resolver can provide it because he has it cached locally.“Cache misses” occur when a system asks a resolver about some data, and he doesn’t have it cached
locally. Then the resolver has to talk to other name servers, to see if they have the data
requested, which takes time and greatly increases latency.2 -
DNS Server Location
The location of the DNS server you’re accessing plays a huge role in your latency. The
farther the server is to your place, the higher the latency gets. But this is not always
the case as centralized DNS servers’ latency isn’t affected by the distance from the user.
Transit links also vary from one server to another. Latency will be lower if the transit
links are equipped with up-to-date technology.3 -
Wireless networks
Wireless networks have higher latency compared to wired networks. This happens because the
transfer of data doesn’t go through fixed lines. Instead, it goes through Wi-Fi routers or
satellite dishes. These devices’ efficiency also depends on the location where they’re placed.3 -
Malicious DNS Traffic
Malicious DNS traffic can also cause high latency. It’s because the DNS server will work
double time in processing it. PRSD attacks are the most common type of malicious traffic.
When this happens, it causes a lot of malware and botnet queries which cause high recursion
rates. These consume and waste a lot of CPU cycles on the server.3 -
Under-scaling of DNS Server
Proper scaling of the DNS infrastructure is important. Because if it’s not scaled correctly,
chances are is that it will use too much CPU power. When this happens, it will impact the
latency and cause it to increase. The more the CPU is utilized, the higher your latency gets.3
For further information, please refer to our References and Sources section.
References and Sources
Troubleshooting Section
This alert can have multiple causes.
As a first step, you can try changing your DNS server. Your current configuration might be using a
slow server, or what your ISP provides might not be the best. You can find more information on
Google Developers on how to configure your settings for your specific OS to use Google’s Public DNS.