Speeding up the web experience with a dnsmasq DNS cache (Ubuntu 16.04)
DNS name resolution is often what causes "the internet" to appear "slow". In Ubuntu 16.04, /etc/resolv.conf points to 127.0.1.1, and dnsmasq listens at that address. dnsmasq itself is configured dynamically by NetworkManager through D-Bus messages. If you change your upstream network connection (e.g. from Wi-Fi to Ethernet), both the dnsmasq process and /etc/resolv.conf remain unchanged. Instead, NetworkManager sends messages to dnsmasq to let it know that the upstream DNS server has changed.
You can monitor that communication between NetworkManager and dnsmasq with the command:
dbus-monitor --system
If you check how the dnsmasq process was started, you will see something like this:
# ps axuw | grep dnsm
nobody 5591 0.0 0.0 60492 4300 ? S 22:13 0:00 /usr/sbin/dnsmasq --no-resolv
--keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid
--listen-address=127.0.1.1 --cache-size=0 --proxy-dnssec
--enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d
Somebody decided to put "--cache-size=0" there, which just slows everything down. They will probably
tell you that this is for security reasons, but on a laptop that is used by only one user at a time
there is really no reason to disable caching.
How do we turn it back on?
vi /etc/NetworkManager/dnsmasq.d/cache.conf
and put inside:
cache-size=1000
neg-ttl=900
log-queries
After that run "systemctl restart network-manager"
or just restart the computer.
You will see that the dnsmasq process is still started with "--cache-size=0", but there is dynamic configuration between NetworkManager and dnsmasq, and that may override things.
How do we know that caching is working? The "log-queries" option will log all requests to /var/log/syslog, and
you will see which requests are answered from the cache:
Dec 17 10:58:38 lenie dnsmasq[2256]: query[A] www.fastmail.com from 127.0.0.1
Dec 17 10:58:38 lenie dnsmasq[2256]: cached www.fastmail.com is 66.111.4.148
Dec 17 10:58:38 lenie dnsmasq[2256]: cached www.fastmail.com is 66.111.4.147
Dec 17 10:58:40 lenie dnsmasq[2256]: query[A] www.fastmail.com from 127.0.0.1
Dec 17 10:58:40 lenie dnsmasq[2256]: cached www.fastmail.com is 66.111.4.147
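One way to turn those syslog lines into a hit/miss count, as an added example that is not part of the original article. The function names are chosen here, and the "forwarded" and "reply" lines in the sample are constructed to show what a cache miss looks like next to the "cached" lines above:

```shell
#!/bin/sh
# Summarise dnsmasq "log-queries" output: how many lookups were answered
# from the cache and how many had to be forwarded to the upstream server.
# Reads syslog-format lines on stdin, prints one summary line.
dnsmasq_cache_stats() {
    awk '
    {
        # Find the "dnsmasq[PID]:" tag; the verb and name follow it.
        for (i = 1; i <= NF; i++) if ($i ~ /^dnsmasq\[[0-9]+\]:$/) break
        if (i > NF) next                      # not a dnsmasq line
        verb = $(i + 1); name = $(i + 2)
    }
    verb ~ /^query\[/ { queries++; pending[name] = 1; next }
    # Only the first answer line after a query decides hit or miss.
    # Extra "cached" lines are additional records for the same answer.
    verb == "cached"    && (name in pending) { hits++;   delete pending[name]; next }
    verb == "forwarded" && (name in pending) { misses++; delete pending[name]; next }
    END { printf "queries=%d cached=%d forwarded=%d\n", queries, hits, misses }'
}

# Constructed sample: first lookup of lwn.net misses the cache,
# the two www.fastmail.com lookups are answered from it.
sample_log() {
cat <<'EOF'
Dec 17 10:58:30 lenie dnsmasq[2256]: query[A] lwn.net from 127.0.0.1
Dec 17 10:58:30 lenie dnsmasq[2256]: forwarded lwn.net to 10.0.0.1
Dec 17 10:58:30 lenie dnsmasq[2256]: reply lwn.net is 45.33.94.129
Dec 17 10:58:38 lenie dnsmasq[2256]: query[A] www.fastmail.com from 127.0.0.1
Dec 17 10:58:38 lenie dnsmasq[2256]: cached www.fastmail.com is 66.111.4.148
Dec 17 10:58:38 lenie dnsmasq[2256]: cached www.fastmail.com is 66.111.4.147
Dec 17 10:58:40 lenie dnsmasq[2256]: query[A] www.fastmail.com from 127.0.0.1
Dec 17 10:58:40 lenie dnsmasq[2256]: cached www.fastmail.com is 66.111.4.147
EOF
}

# On a real system: dnsmasq_cache_stats < /var/log/syslog
sample_log | dnsmasq_cache_stats
```

A "cached" count that stays at zero after repeated lookups means the cache.conf setting has not taken effect.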
You can also test it using a domain that you have not used yet today:
# dig @127.0.1.1 lwn.net
...
;; ANSWER SECTION:
lwn.net. 3281 IN A 45.33.94.129
;; Query time: 122 msec
Now repeat the dig-query and the query time should go down:
# dig @127.0.1.1 lwn.net
...
;; ANSWER SECTION:
lwn.net. 3179 IN A 45.33.94.129
;; Query time: 0 msec
Now we know for sure that the cache is making a difference. You could remove the "log-queries"
from /etc/NetworkManager/dnsmasq.d/cache.conf if you don't want to fill up system logs with DNS
queries.
How do we know which upstream DNS server is used by our dnsmasq cache? The easiest way to see that
(besides monitoring the communication between NetworkManager and dnsmasq) is to print the configuration
with nmcli:
# nmcli device show
...
GENERAL.DEVICE: wls1
GENERAL.TYPE: wifi
GENERAL.HWADDR: 00:1E:65:C6:42:8C
GENERAL.MTU: 0
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: homewifi
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
IP4.ADDRESS[1]: 10.0.0.3/24
IP4.GATEWAY: 10.0.0.2
IP4.DNS[1]: 10.0.0.1
...
Near the name of your connection (homewifi in the above example) you should see one or more
IP4.DNS... entries. These are what dnsmasq will use as upstream servers.
Besides the above cache, which works according to the TTL (time to live) specified by the domain owner, there is also a rather short-lived, fixed-time cache in Firefox. Open "about:config"
and search for dnsCache. The network.dnsCacheExpiration time is in seconds, so Firefox caches entries for
60 seconds by default.
© 2004-2025 Guido Socher