DNS High Latency

Question

HiA costumer has a Fortigate 100E witg FortiOs 6.2.0.They are having issue with DNS timeout.On fortigate DNS is possible see hight latency on DNS consult.In this KB report that DNS high latency can impacti client experience.How can I solver ths problema of high latency?

Yurisk · Answer

First try to verify if the problem is indeed high latency and if so the Fortigate causes it.

If you have/can ask use for a connection to a PC in LAN, see how long it takes to do resolving, e.g. in PowerShell:

PS > Measure-Command {nslookup cnn.com}

Non-authoritative answer:

Days : 0 Hours : 0 Minutes : 0 Seconds : 0 Milliseconds : 273 Ticks : 2730728

On Fortigate you can estimate the time it takes a packet to enter and leave the Fortigate via a sniffer - dia sni pa any 'host 8.8.8.8' 4 and look at timestamps of when packet from LAN PC to Google DNS (or any other one client is using) enters the FGT , and when leaves it on the Internet facing interface, then compare.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded