[146096] in North American Network Operators' Group
Re: Performance Issues - PTR Records
daemon@ATHENA.MIT.EDU (Ben Jencks)
Wed Nov 2 19:20:35 2011
From: Ben Jencks <ben@bjencks.net>
In-Reply-To: <CAKP=495duD9tyeiTwDh0XHEmAeUSgtheGF3CMhyOK7xvfD6UZA@mail.gmail.com>
Date: Wed, 2 Nov 2011 19:19:37 -0400
To: Matt Chung <itsmemattchung@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Nov 2, 2011, at 5:57 PM, Matt Chung wrote:
> I work for a regional ISP and very recently there has been an influx =
of
> calls reporting "slowness" when accessing certain websites (i.e
> google.com/voice/b) via HTTP. After performing a tcpdump and =
analyzing the
> session, I have been able to pinpoint the latency at the application
> layer. After the tcp session has been established, it takes up to =
15-20
> seconds before the application begins sending data. The root of the
> problem was that the PTR record for our customer(s) address does not
> exist. As soon as the record is created, latency from the application =
is
> eliminated. This is analogous to latency when accessing a server over =
SSH
> when no PTR is available.
>=20
> A seperate packet capture from another customer exhibiting similar
> performance behavior showed many TCP retransmissions. At first =
glance, I
> assumed this was network related however this correlates with the
> application not responding and inducing retransmissions at the TCP =
layer
> (different symptoms, same problem).
>=20
> Historically, there was no compelling reason to create PTR records for =
our
> CPE however more and more applications seem to be dependent on it.
> Although we will be assigning a record for each address, my question =
is why
> is the application (specifically HTTP) dependent on a reverse record ?
> What is the purpose?
You're returning NXDOMAIN, right? If they're doing a reverse lookup and =
you return NXDOMAIN it should fail quickly, or else the application is =
even more horribly broken than just doing reverse lookups would imply. =
On the other hand, if you're not responding to the PTR request then that =
could be causing the timeout.
-Ben
