Unbound Unbound and dnscheck results

[swejuggalo]

I decided to try out Unbound on two routers. Both starting to climb over 60% hits. Pretty much basic setup.
However, there is a major difference.
https://dnscheck.tools/ shows extreme different results.
They show drastically different ping.
The biggest difference is that AX88U don't use Diversion. But AX88U is the one that generally have the bigger workload.
They are running solo and have their own external IP.

Tried searching and digging but I can't really explain this behavior. It feels like I have no more things I can check to prove what could cause this.
It's in the area of being steady at approx 30 (AX88U) to peaking at 500 with lows on 200 ms (BE88U).

 

[swejuggalo]

Some testing.
OpenVPN seems to be a no go, if I want to use the router as DNS. Perhaps it's possible to fix somehow.
Built-in Wireguard - it's works. But DNS tests are slow. Only on BE88U.
Tailscale - works better, but I can't use the router as exit node. Then I'm one layer infront of any form of DNS options other than the basic DNS option of WAN DNS Setting (DoT options and Unbound are both bypassed).
According to my tests right now, Tailscale as a exit node that is connected to the router is faster than the exit node doing the same test

 

[Tech9]

Unbound will be always slower with test generating unique queries. None of them is cached, >100-200ms is expected. You know what Unbound does and how it works, correct?

 

[SomeWhereOverTheRainBow]

Unbound will be always slower with test generating unique queries. None of them is cached, >100-200ms is expected. You know what Unbound does and how it works, correct?

Even with some of the best dns servers the public has to offer the query time is still inside that range.

So I do not think that behavior is unique or exclusive to unbound. It is more so a behavior of any dns server performing those dnssec checks.

 

[swejuggalo]

Unbound will be always slower with test generating unique queries. None of them is cached, >100-200ms is expected. You know what Unbound does and how it works, correct?

But even when not cached, the big differences is interesting, right?

I know how to ssh into the router and check for example.
dig google.com @127.0.0.1
And see the different responses. But this is from the router perspective.

I'm also interested into testing how the full response time, google.com to the client and compare that. For no other reason than fun.

 

[Tech9]

If you are trying to compete with Google, Cloudflare, OpenDNS, etc. - you have no chance.