Question about DNS caching

  • 1
  • Question
  • Updated 3 years ago
I've been on the Liberty Pass for the past couple of days and I'm not sure if this has something to do with it or not but I noticed things slow down last night. Additionally, some page requests were failing with DNS lookup failures. I have DNS caching enabled on my router.

When this started to happen again this morning, I can see that I'm not being capped to bad with peaks at 8 Mbps. So that led me to investigate further and I did a ping request to www.google.com. The time between the ping requests was only a few seconds apart but you'll see that the IP address changed with the second IP having improved response times.

Pinging www.google.com [74.125.226.115] with 32 bytes of data:
Reply from 74.125.226.115: bytes=32 time=1217ms TTL=51
Reply from 74.125.226.115: bytes=32 time=1517ms TTL=51
Reply from 74.125.226.115: bytes=32 time=995ms TTL=51
Reply from 74.125.226.115: bytes=32 time=899ms TTL=51

Pinging www.google.com [173.194.43.112] with 32 bytes of data:
Reply from 173.194.43.112: bytes=32 time=690ms TTL=51
Reply from 173.194.43.112: bytes=32 time=709ms TTL=51
Reply from 173.194.43.112: bytes=32 time=704ms TTL=51
Reply from 173.194.43.112: bytes=32 time=695ms TTL=51

I am wondering, if I should be turning DNS caching off because of the way Exede hijacks DNS requests? I just turned it off on my router and I'll do more browsing to see if it improves things but I would ask the question anyway.
Photo of Joshua

Joshua

  • 208 Posts
  • 64 Reply Likes
  • unconcerned

Posted 3 years ago

  • 1
Photo of C0RR0SIVE

C0RR0SIVE

  • 41 Posts
  • 14 Reply Likes
Joshua, can you pinpoint whether the hijack is local on the modem, or on the other side of the satellite...?  

How long does your local DNS cache hold records for?  I probably wouldn't dump it if it's actually the modem performing the hijack, just decrease how long your system keeps DNS records... The issue is, many MODERN routers also cache DNS records, for a relatively short amount of time.  

So, I have doubts you caching records is going to harm anything... Especially considering Windows has a DNS cache of its own.
Photo of Joshua

Joshua

  • 208 Posts
  • 64 Reply Likes
I know the hijacking is occurring after my router but after that I'm not sure if it is my modem, on the satellite or further down. I did run a DNS performance tool that also confirmed my results.

I haven't checked to see how long my local machine is keeping records but I can verify that this was happening on multiple devices including Android, Windows 10, and OS X until I disabled DNS caching on my router.

Since I made the change last night, things seem to be working without issue. It's a little strange that when I do a ping test to Google's home page, I'm getting a different IP with each new ping test while only waiting a dozen seconds in between.
Photo of C0RR0SIVE

C0RR0SIVE

  • 41 Posts
  • 14 Reply Likes
Why that occurs is beyond me, as your operating system should be caching the DNS record on its own...  Unless there is something telling the OS to release the records prematurely... Then again, if Viasat is hijacking them, there's no telling what's going on with out doing a packet capture to see what they are doing to the data.