Nameservers are slow

upaxnet

• April 21, 2017 05:42

Hi all, First off, I'm new to cPanel and these forums, I'm a migrant from Plesk which I have been using a long time. Oh and I have also searched the forums for this issues, and I have found similar problems with others but no solutions. I have currently installed the a trial of cPanel & WHM on one of my servers. I've also installed 2 cPanel DNSONLY on 2 fresh installed VPS's Everything is working peachy but the initial record lookup at my DNS is taking a loooong time. We are talking about maybe 10-15seconds before the website loads in. This only happens the first time you visit the site, or when you visit the site again after a while, and the browser is talking to the DNS servers to get the records. After the browser gets the info it wants the website load all pages super fast, and it is fast the whole visit, until you leave and come back a while later. My DNS setup is as following: Webserver (Mode set on both DNS "Synchronize Changes") | |_ DNS Server 1 (Mode set on Webserver: Standalone) | |_ DNS Server 2 (Mode set on Webserver: Standalone) I've checked intodns.com, mxtoolbox and a few other DNS check tools and the results show no errors and it shows the results fast. My DNS servers are also setup on 2 different geo locations and not in the same DataCenter. gyazo.com/5939c88d48cb446e7c182259f8fb165b">Gyazo - 5939c88d48cb446e7c182259f8fb165b.png Thanks for you time. /Eirik I could not Edit my post so I will have to make a reply instead. My servers, Webserver and DNS servers are running CentOS7.

• 

  cPanelMichael

  • April 21, 2017 18:52

  My DNS servers are also setup on 2 different geo locations and not in the same DataCenter.

  
  Hello @upaxnet, My initial thought is that the location of your name servers is the culprit for the reduced speed. How far away are these servers from from the location you are accessing the websites from? While the redundancy is improved from diverse locations, you may want to consider using locations closer to where the majority of your visitors are accessing the websites from. Thank you.

  0
• 

  upaxnet

  • April 21, 2017 21:47

  Hello @upaxnet, My initial thought is that the location of your name servers is the culprit for the reduced speed. How far away are these servers from from the location you are accessing the websites from? While the redundancy is improved from diverse locations, you may want to consider using locations closer to where the majority of your visitors are accessing the websites from. Thank you.

  
  Hi and thank you for your answer. The primary DNS is located around 50km away from our office The secondary DNS is located in Germany. However I have found something interesting, HTTP requests is instantaneously and is working at blasing speeds. HTTPS however is taking a very long time, aprox 10-20seconds. Further digging revealed that my DNS is actually working really well and is not the issue, the issue arises when doing SSL requests. [Removed - Please Attach Image Directly To Thread] After some Googleing I have found similar cPanel users with the problem. However the solutions that have been presented have not worked for me. I have tried SSLUseStapling off in Apache settings, with no luck. I have also tried to change some settings that seems to have worked for others: [LIST]

  SSL Cipher Suite: ALL:HIGH:!MEDIUM:!aNULL:!MD5:!RC4

  SSL/TLS Protocols: "ALL +TLSv1 +TLSv1.1 +TLSv1.2 I have also tried SSLStaplingFakeTryLater off with no result. To name a few thing I have tried. Seems I dont have the rights to Edit my post yet, so Ill add the image directly in this post instead of a link as i previously did. i.gyazo.com/12b0b740d04cb5e22b09cbc9173c0dc5.png

  0
• 

  upaxnet

  • April 25, 2017 13:10

  Ok, So I found a solution and the HTTPS is now working at superb speeds. Adding "SSLUseStapling off" in
  Service Configuration -> Apache Configuration -> Include Editor -> Pre Virtual Host Include
  Does not work It get's saved as "pre_virtualhost_2.conf" and somehow the values is not included in the httpd.conf file. Editing the "pre_virtualhost_global.conf" in (/etc/apache2/conf.d/includes) and adding "SSLUseStapling off" seems to do the trick. And it gets included in the httpd.conf file. Don't know if there is a bug in apache with SSL Stapeling or not. So for all of you out there who have a problem with slow SSL connections (First load, rest of the pages goes fast after the first slow loading) this seems to do the trick. Mods might want to move this from nameservers to the appropiate forum section as the nameservers are not to blame here, as I first thought Thanks /Eirik

  0
• 

  cPanelMichael

  • April 27, 2017 15:29

  Hello @upaxnet, You can find discussion of this topic on the following thread: Let's Encrypt Firefox OCSP problem: Secure Connection Failed

  Adding "SSLUseStapling off" in
  Service Configuration -> Apache Configuration -> Include Editor -> Pre Virtual Host Include
  Does not work It get's saved as "pre_virtualhost_2.conf" and somehow the values is not included in the httpd.conf file. Editing the "pre_virtualhost_global.conf" in (/etc/apache2/conf.d/includes) and adding "SSLUseStapling off" seems to do the trick. And it gets included in the httpd.conf file.

  
  If you want the value added to "pre_virtualhost_global.conf", select "All Versions" from the drop-down box under the "Pre Virtual Host Include" section in "WHM >> Apache Configuration >> Include Editor". Thank you.

  0
• 

  Solokron

  • December 26, 2019 19:04

  Is this something which is still relevant and beneficial when using Let's Encrypt?

  0
• 

  cPRex Jurassic Moderator

  • December 26, 2019 19:06

  If you are noticing stapling issues with your SSL provider, these steps are still relevant.

  0

Please sign in to leave a comment.