1

I have been trying to measure the DNS latency using PowerShell.

I want to check the DNS response time and want to skip the local resolver cache, so I used nslookup and it works fine except when I compared the results with Resolve-DnsName cmdlet's response.

(Measure-Command { Resolve-DnsName www.google.com -DnsOnly }).TotalMillisecond

NOTE: I am using -DnsOnly argument to ensure that Resolve-DnsName uses DNS protocol only for name resolution.

Resolve-DnsName returns response in ~10 ms while nslookup returns response after >100ms

I am not sure how Resolve-DnsName internally works, but I am not sure which result to rely on.

Ansgar Wiechers
  • 193,178
  • 25
  • 254
  • 328
user6037143
  • 516
  • 5
  • 20
  • I believe Resolve-DnsName is using cached results while nslookup is actually making a request to DNS servers. –  Dec 06 '18 at 20:27
  • That's what I also initially thought, but then `Resolve-DnsName` documentation indicates passing `-DnsOnly` argument forces it to send request to DNS serves which implies it skips the cache. – user6037143 Dec 06 '18 at 20:37
  • It implies it, but who knows if that option is actually working. I would maybe try to flush your DNS and see what happens. Maybe try specifying the DNS server in both commands. –  Dec 06 '18 at 20:38
  • So I flushed my DNS cache and only added about 9 ms to my Resolve-DnsName. I'm able to duplicate this behavior. –  Dec 06 '18 at 20:48
  • I have passed DNS servers in both the commands but no difference in result. – user6037143 Dec 06 '18 at 20:50
  • 1
    I think the time difference you observed is because with `nslookup` you're spawning a new process, which is not the case with `Resolve-DnsName`. – Ansgar Wiechers Dec 07 '18 at 10:18

2 Answers2

0

I would use Resolve-DnsName instead of nslookup.

See: The new nslookup: Resolve-DnsName.

You are seeing the speed improvement because Resolve-DnsName is a brand new native PowerShell command that after being loaded, runs inside the PowerShell instance. nslookup is an executable that has to be loaded and ran in a new thread etc. This allows for Resolve-DnsName to run much faster, and with less overhead. Also, because Resolve-DnsName is a native PowerShell command, it has many more options open to you than nslookup.

HAL9256
  • 12,384
  • 1
  • 34
  • 46
  • What I am trying to measure is DNS response time. Is there any way to measure that? – user6037143 Dec 06 '18 at 21:52
  • 1
    I think that `Resolve-DnsName` would give you the closest, correct, response time that you are looking for. Conceptually, the DNS response should be nearly the same for both commands, since `nslookup` is 90ms+ slower that's all caused by the overhead of running the command. When I was running some tests, `Resolve-DnsName` came pretty close to `ping` response times which conceptually should be very close to each other. – HAL9256 Dec 06 '18 at 23:05
0

Nslookup does not look at NRPT table: Get-DnsClientNrptRule

-Resolve-DnsName does look at the table

-DNS queries from a client machine query NRPT

-For this reason, Resolve-DNS should be used instead of nslookup

-Another solution is to use DIG instead of nslookup

b-money
  • 1
  • 1