40
submitted 3 months ago* (last edited 3 months ago) by Deemo@bookwormstory.social to c/selfhosted@lemmy.world

Hi guys for those of you that use pi-hole (or similar solutions like adguard home, etc) and wireguard how far away can you be from your wireguard/pi-hole server before latency becomes a major issue?

Also on a side note how many milliseconds of latency would you guys consider to be to slow?

Edit I meant dns latency sorry for not mentioning

top 25 comments
sorted by: hot top controversial new old
[-] slazer2au@lemmy.world 8 points 3 months ago

As with everything, it depends.

A video stream and general web browsing can easily take a 300ms delay no issue, but voice and gaming will have issues.

Voice is fine for upto 150ms according to the IEEE.

[-] Deemo@bookwormstory.social 2 points 3 months ago

Does the 300ms include dns latency?

[-] Bjornir@programming.dev 8 points 3 months ago

Not for the duration of the stream, only for initial page load

[-] MangoPenguin@lemmy.blahaj.zone 4 points 3 months ago

DNS is only used initially on first load, after that the connection is made via IP and DNS isn't used.

[-] chaospatterns@lemmy.world 1 points 3 months ago

Yes, but if you hit a company doing DNS based load balancing, DNS is going to return an IP that's near to your DNS server which may not be near your device. That's going to add to the latency.

[-] canada@lemmy.world 1 points 3 months ago

Yeh but assuming you are in the approximate same geo as you pihole it should be the same now if you deploy your pihole across continents then i would say you should really reconsider your decision.

[-] just_another_person@lemmy.world -5 points 3 months ago* (last edited 3 months ago)

Gotta downvote for misinformation here.

A requested video stream and web browsing is not bidirectional, and the 300ms you use as an example is not the roundtrip of traffic in that case, but also the response time of the application server.

The 150ms jitter for real-time voice/video and gaming netcode is streaming bidirectional , and that number is what most users say is not noticeable in real-time communication. You can obviously have more and still have a stable stream up to what the codec will tolerate.

[-] computergeek125@lemmy.world 2 points 3 months ago

HLS is a bidirectional protocol though - the system's total network latency affects how quickly it can change to a new bitrate stream as conditions improve or degrade. And despite the name, it's not just limited to live content. You can use this to deliver fixed-length content

https://en.wikipedia.org/wiki/HTTP_Live_Streaming

[-] just_another_person@lemmy.world -1 points 3 months ago

Automatic downvote.

[-] jet@hackertalks.com 6 points 3 months ago* (last edited 3 months ago)

Depends on your use case there are multiple factors that guide internet use cases

  • Latency - how fast
  • Bandwidth - how wide/much
  • Loss - how much data is lost, or how much data needs to be sent again

Gaming: latency, loss

YouTube/movies: bandwidth

Video chat/voice chat: latency, bandwidth

Remote desktop/game streaming: latency, bandwidth, loss

Web browsing: bandwidth, latency

DNS latency can be a multiplier for browsing the web, a website can include artifacts from other websites, which then can include other websites, which then can include other websites. Each one of those would require another DNS lookup, and round trip time to the website itself etc. however, DNS was architected for local caching, so only the first lookup should be slow, and then afterwards you should keep that DNS information for future lookups so it's not going to feel too bad once you've warmed up the cache

Rule of thumb: under 100ms feels fine, over starts to feel a little sluggish. Over 300ms and you change your behaviors, and you really feel it.

[-] Deemo@bookwormstory.social 2 points 3 months ago

Thanks for the clarification

[-] Nomecks@lemmy.ca 5 points 3 months ago* (last edited 3 months ago)

Well, 1ms of latency is 300km of distance, so unless you have something really misconfigured or overloaded, or you're across the country, latency shouldn't be an issue. 10-20ms is normally the high water mark for most synchronous replication, so you can go a long way before a protocol like DNS becomes an issue.

[-] Telodzrum@lemmy.world 3 points 3 months ago

I just spent a couple weeks 2,000 miles from my physical PiHoles and was connected to them via StarLink. The latency was not perceptibly different from that when I am on site with the boxes.

[-] Deemo@bookwormstory.social 1 points 3 months ago

How much was your latency out of curiosity?

[-] Telodzrum@lemmy.world 2 points 3 months ago

I don't recall. I was able to use Discord on my phone and play Helldivers 2 on my Steam Deck with friends without issue, though.

[-] pax0707@lemmy.world 2 points 3 months ago

I’ve been away 1-2k km for weeks and noticed no difference. With proper network setup DNS should be the least of your worries.

The only time you’ll notice it is with extremely bad mobile coverage when VPN has issues reestablishing the connection.

[-] computergeek125@lemmy.world 2 points 3 months ago

Others have some good information here - all I'd like to add to the root is that Windows and Mac have a built-in DNS cache and it's pretty straightforward to add a DNS cache to systemd distros (if it's not already installed or in use) using systemd-resolved or dnsmasq if you really dislike systemd. Some distros enable this from install time.

Systems that utilize a DNS cache will keep copies of DNS query results for a period of time, making the application-level name lookup speed essentially 0ms for a cached result. Cold results obviously incur the latency of the DNS server itself.

[-] KyuubiNoKitsune@lemmy.blahaj.zone 2 points 3 months ago

I only really have issues when I'm out of the country, especially when I'm back in South Africa

[-] chaospatterns@lemmy.world 2 points 3 months ago

I have Wireguard and I forward DNS and my internal traffic from my phone over the VPN to my pi-hole at home. All other traffic goes directly over the Internet, not the VPN. So that means only DNS encounters higher latency.

However, because a lot of companies do DNS based geo load balancing that means even if I'm on the east coast all my traffic gets sent to the West Coast because my DNS server is located there. That right there has the biggest impact on latency.

It's tolerable on the same continent, but once I start getting into other continents then it gets a bit slow.

[-] Deemo@bookwormstory.social 2 points 3 months ago

Interesting I always assumed they used ip not dns for geo locating cdns.

[-] chaospatterns@lemmy.world 2 points 3 months ago

There's two main ways of doing geo-based load balancing:

  1. IP Any-casting - In this case, an IP address is "homed" in multiple spots and through the magic of IP routing, it arrives at the nearest location. This is exactly how 1.1.1.1 and 8.8.8.8 work. It works fine for stateless packets like DNS, however it has some risks for stateful traffic like HTTP.
  2. DNS based load balancing. A server receives a request for "google.com", looks at the IP of the DNS server and/or the EDNS Client IP in the DNS query packet and returns an IP that's near. The problem is that when you're doing Wireguard, it goes phone -> pi-hole (source IP is some internal IP) -> the next hop (e.g. 1.1.1.1 or 8.8.8.8), which sees the packet is coming from your home/pi-hole's public IP. Thus it gets confused and thinks you're in a different location than you really are. Neither of these hops really knows your true location of your phone/mobile device.

Of course, this doesn't matter for companies that only have one data center.

[-] LastoftheDinosaurs@reddthat.com 2 points 3 months ago

Would it be better to route that directly? I'm not really understanding the complexity I guess.

[-] chaospatterns@lemmy.world 2 points 3 months ago* (last edited 3 months ago)

Sorry, what do you mean route it directly? Maybe I didn't clarify well enough.

My DNS is routed over the VPN but Internet traffic is routed directly. The problem is the load balancing is done based on where the DNS server is so say Google even though the traffic egresses directly to the internet bypassing the VPN it still goes to a Google DC near my home. Not all websites do this so its not always an issue.

[-] LastoftheDinosaurs@reddthat.com 2 points 3 months ago

Sorry about that, I missed the part about this being for your phone.

[-] Decronym@lemmy.decronym.xyz 1 points 3 months ago* (last edited 3 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
HTTP Hypertext Transfer Protocol, the Web
IP Internet Protocol
PiHole Network-wide ad-blocker (DNS sinkhole)
VPN Virtual Private Network

5 acronyms in this thread; the most compressed thread commented on today has 6 acronyms.

[Thread #914 for this sub, first seen 9th Aug 2024, 13:05] [FAQ] [Full list] [Contact] [Source code]

this post was submitted on 09 Aug 2024
40 points (100.0% liked)

Selfhosted

40406 readers
582 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS