Slow Internet with Leopard

How to fix Slow Web Browsing and Slow Internet in Leopard (10.5.x)

Symptoms

  • Web pages load slowly in Safari or Firefox in Leopard.
  • Web sites won’t load, only load partially, stop loading after a few hours.
  • Slow DNS (domain name) lookup in Leopard. First load of web site is slow with “looking up domain” in browser status bar.
  • Once website is loaded, browsing to that site is fast.
  • AirPort wireless strength drops, then Internet connection is lost (see related post).
  • Email programs are slow in connecting to servers.
  • SSH sessions are slow to connect to remote servers.

Possible Causes of Slow Internet under Leopard

  • Your ISP’s DNS servers are (sometimes) slow to respond due to high traffic.
  • Firefox, Camino, Safari is requesting domain name lookups in IPv6 format (2001:db8::1428:57ab), but your DSL router/cable modem answers with IPv4 addresses (192.0.2.235) (references: mozillazine.org, mozilla.org bug, arstechnica.com). Safari may not be affected by this as WebKit is said to use IPv4 domain lookups first, then uses IPv6 if IPv4 fails.
  • Your router, acting as a DNS Proxy, doesn’t recognize nor forward IPv6 domain name lookup requests.
  • Leopard is now requesting SRV (service) records for domain name lookups. Your router does not recognize nor forward to SRV requests.
  • Your ISP’s DNS servers don’t recognize or doesn’t respond to SRV queries or respond with NXDOMAIN.
  • [Added 080618] Poor wireless router performance in general (references: entropy.ch). To test this, try connecting directly to your DSL router/modem if you are using an intermediate router such as an Apple AirPort Base Station, or NetGear/Linksys wireless router and seeing if web and internet speeds increase.

Fixes/Solutions/Workarounds

Details

After upgrading to Leopard, plenty of Mac OS X users have complained of “slow internet” when browsing the web, yet Windows PCs or Macs with Tiger (10.4) on the same network are much faster.

DNS Lookups

A domain name lookup or DNS lookup is done every time you visit a web page, say “apple.com”, as you’re actually visiting “17.149.160.49″. A DNS Resolver on your computer sends a request to a DNS Server that handles this lookup or translation from names (easy to remember) to numbers (hard to remember). Once your browser has this numerical IP address it can start loading the web pages at that server location.

Domain Name System Lookups in Leopard

With Leopard, a major change occurred in DNS lookups. Any program in Leopard that can use version 6 IP addresses (IPv6 explained below) will send out a new type of DNS lookup request - the SRV Record. In Tiger and previous OS X versions, DNS lookups were A record requests.

SRV records are new (sadly, 8 years old is new in the DNS world), provide more information than A records, but have terrible support in terms of hardware (your DSL router or cable modem) and DNS servers that answer with SRV information. For every SRV request that Leopard sends it must wait for a valid reply. If the request fails, Leopard must try again. If it fails again, Leopard will finally ask for an A record. This is one reason why Mac users are experiencing slow Internet on new Macs with Leopard or after upgrading to Leopard from Tiger.

Domain Name Lookup Chain

Diagnosing slow Internet problems under Leopard is difficult due to the many different slowdowns that can occur along the domain name lookup chain when connecting to the Internet in OS X. For an application like Firefox or Safari to find a domain name, this is roughly what happens:

  1. Firefox/Safari is asked to load a web page at a domain name (example: “apple.com”).
  2. Browser starts work on getting an IP address for that domain (a domain name lookup).
  3. Browser checks for recently translated domain names in its own internal “cache” and thus already has the IP address.
  4. If “apple.com” is not found in cache, Firefox/Safari then asks Directory Services (an OS X program that does DNS lookups) for the answer.
  5. Directory Services (DS) searches for the domain in its own DS cache (view the DS cache using Terminal: dscacheutil -cachedump -entries).
  6. If domain is not found in cache, DS checks flat (text) files such as /etc/hosts for the domain name (see the file using Terminal: cat /etc/hosts).
  7. If domain is still not found then DS sends a domain name lookup request to the first DNS server listed for your AirPort wireless card or your Ethernet card (your network interfaces). The first (and usually only) DNS server is often your router (often listed as 192.168.1.1 in System Preferences => Network => Advanced => DNS tab).
  8. If the router doesn’t recognize the name lookup request (SRV/IPv6), the request will be either ignored, returned without result, returned with error. If the router does recognize the DNS request, it checks its own DNS cache for a matching domain lookup.
  9. If domain name is not found in cache, the router forwards the request to the ISP’s DNS server.
  10. If the first ISP DNS server doesn’t respond or doesn’t have the record, the router sends a second lookup request to the next DNS server listed in its configuration. Continue until all DNS servers are exhausted.
  11. When name lookup result is received by router, it saves the result to cache, then forwards the domain name record back to the requesting computer.
  12. Directory Services on Leopard, receives the answer, places it in cache, then returns the results to the requesting application: your browser.
  13. Firefox/Safari receives the DNS record, with IP address, stores it in cache, then starts to retrieve the web page at that location.

(Illustration by Lion Kimbro on Wikipedia - Domain Name Systems article)

Any one of the links in the chain can be a potential source of slow Internet speeds when browsing or retrieving mail, etc. The difficulty lies is finding out where the problem exists and how it can be fix. Compound this complexity with the number of different DSL routers in use in homes, the number of different firmware (software inside the router), number of different ISP DNS servers

Caches

Caches store recent domain name lookup results in order to save time when the domain is requested again. Each time a domain name lookup is made, caches are checked to see if the lookup has occurred recently and if so, use the cache result. If no result is found in cache, the domain name lookup has failed and the DNS lookup request continues down the chain. A domain lookup may fail all the way down the chain until it’s finally resolved with the second or third DNS server listed, taking maybe 15 seconds to finally succeed. But, once domain lookup has been successfully performed, this domain request “answer” is cached all the way back up the chain, for varying amounts of time. Browsers like Safari and Firefox normally cache domain name lookups for 1 minute (30 minutes if you’re Internet Explorer in Vista). Leopard’s Directory Services program caches lookups for one hour (3600 seconds) by default.

Once a successful domain lookup has occurred, web pages from the same site will load very quickly, since the domain and its IP address are known and cached in memory. When the cached domain lookup result expires, the vicious cycle of slow domain lookups restarts. This often leads to the confusing pattern of fast Internet / slow Internet performance that can be seen sporadically throughout a browsing session.

IPv6

IPv6, the new way of addressing all things on the Internet, is important and necessary as we’ll eventually run out of IPv4 addresses (like 17.149.160.49). But part of the issue with slow browsing and slow Internet on Leopard is the combination of how IPv6 is used in Mac OS X and the current state of DSL routers and cable modems.

Whenever a program on Leopard can use IPv6 addressing, such as Firefox, it will request IP addresses for domains in IPv6 and if that fails, Firefox will then try IPv4 domain lookups. The reason this adds to the slow Internet problem is that many routers and DSL or cable modems in peoples homes are not capable of handling/routing IPv6 domain name queries (properly). This can cause repeated, failed DNS queries in IPv6 format, with the requesting application eventually falling back to sending IPv4 domain lookup requests that are successfully answered. The unfortunate problem with this “IPv6 then IPv4″ order of domain lookups is users end up with delays of 5 to 10 seconds “looking up” a domain name, which is not a very long time to wait, but suffering short delays every time you visit a different website can be extremely frustrating.

SRV (Service Record) Requests

Part of the issue may be related to Apple’s decision to follow the Internet Engineering Task Force’s recommendation of using SRV queries instead of “A record” queries when looking up domain names in Leopard.

The problem with Leopard asking for SRV records from DNS servers is that many DNS servers still don’t recognize or respond to SRV type DNS requests, or respond with a non-existent domain (NXDOMAIN) error code. This is not exactly Apple’s fault for asking, it’s actually the fault of DNS server owners who are not updating their servers to the latest standards. Regardless, whenever a program like a web browser requests a DNS record and gets failed responses, or no response at all, the program retries its requests, but only after a certain delay. Each failed SRV request and subsequent retry adds time the user must wait before the browser or application eventually gives up on the SRV requests and tries an old-school basic A record request in an attempt to get the IP address of the domain name. And all DNS servers answer to A record requests, even the old dingy ones not following the latest IETF standards. You, the user, sees this request — no response — retry dance as the browser taking a long time “Looking up domain.com….”, often seen as such on the browser status bar at the bottom left hand corner of the window. Only when the browser or application has received a valid IP address from a domain lookup can it contact the web server and start to download the HTML and display the page.

Timeouts

The delay between lookup retries is important to prevent overloading DNS servers, DNS resolvers (like Directory Services on your Mac) and simply makes sense. It’s similar to walking up to someone’s house and knocking on the door: Normally you wait a few moments for a response before trying again. If you don’t wait, you don’t know whether no one’s home, or whether they’re just taking a few seconds to respond. Continued knocking doesn’t help you. (And perhaps will earn you a stern look if not make you the target of a hissy fit).

Hammering a DNS server with domain lookups without pause is not very productive since the DNS server will simply drop (not answer) requests that it cannot handle within a timely fashion, based on its current load and worse, may get you blocked from the DNS server.

Next we’ll see how we can solve or workaround the issues discussed above that could be slowing down Leopard’s Internet speed.

Solutions

Direct DNS / Better DNS

Update 080606: Leopard 10.5.3 may have changed the order in which DNS Servers are used.

Update 080606: DNS servers entered on a DHCP configured setup are used in reverse order. I.e. the last server entered is the first to be used. If you’ve manually configured a network location, DNS servers are used in the order that you’ve entered them/see them.

New 080606: If you wish to save your current network setup and have the option of returning to it easily, follow the instructions for Creating a New Network Location. Otherwise, follow the instructions immediately below to quickly add new DNS servers.

Add DNS servers to Current Network Configuration

This is the quickest & easiest way to use new DNS servers, which is to simply add them to the DNS tab found in System Preferences => Network => Advanced => click on DNS tab.

Click on the + sign at the bottom left hand corner near IPv6 or IPv6 addresses and type in the addresses of the DNS servers you wish, in reverse priority order. (Recommended: OpenDNS servers at 208.67.220.220 and 208.67.222.222). I.e. the server that you want to use first, enter it last. Afterwards, click Ok. Then in the Network pane, click Apply to make your changes active. If you’re using an AirPort wireless connection, wait a few moments for the connection to be re-established

Creating a New Network Location

The advantage of creating a new network location is the ease of which you can move back and forth between different network setups. By creating and using a new network location, you can always revert your changes by simply selecting your original (Automatic) network location from the Location drop down list.

In Leopard, open System Preferences => Network => click the Advanced button (bottom right corner)


Click TCP/IP tab (top left).
Write down on a piece of paper (or in TextEdit) the IPv4 Address, Subnet Mask (255.255.255.0), Router, and Configure IPv6 setting. Click Cancel.

Find the Location drop down at top of the Network preferences pane. Click it and choose Edit Locations.


Highlight “Automatic” if not already
Click the Gear icon on the bottom center, choose Duplicate Location


Choose a name, I used “Home”.
Change the Location drop down box by clicking on “Automatic” and then switch it to “Home” (or the name you chose in the last step)
You’ll see the following:


Select Airport on the left (or Ethernet if you’re not using a wireless connection).
Click Advanced at the bottom right.
Click on the TCP/IP tab-button.
Change the Configure IPv4 drop down box to “Manually”.
Here’s where you use the values you saved in Step 2. Fill out IPv4 address, subnet mask, router, configure IPv6 settings. Do not click OK, instead click on DNS near the top.
Click the + button, bottom left hand corner. This creates a blue outline under DNS Servers on the left half of this window.

Enter in the DNS server of your choice. I recommend OpenDNS at 208.67.222.222. (Don’t include a period at the end). Add a second OpenDNS server by clicking again on the + button and entering 208.67.220.220. These DNS servers will automatically redirect you to the closest / best server for you, regardless of whether you’re in France (like me) or in North America. Click OK. You should be returned to the Network preferences pane and see something like the following:

At this point you’ve created a new Location called “Home”, having setup AirPort or Ethernet with the correct settings and “Services” (i.e. DNS), but none of these changes have been made active. Let’s make a backup of the configuration file that will be updated before you apply your changes. In Finder, click on the hard disk icon at the top left corner (usually Macintosh HD), then navigate to this directory: /Library/Preferences/SystemConfiguration and find this file: preferences.plist. Simply copy the file to your Documents folder or to a spot of your choice. If you have to rollback the applied changes, you can copy this file back to the above location. If you’re using Time Machine, this file should be backed up already. Now you know where this file is, so replacing it with a Time Machine version should be straightforward.

Before we make our changes effective, we’re going to check how DNS requests are handled now, before the changes, and after to make sure we’ve changed our Network Settings properly.

Leave the Network window open as is and open up a Terminal window. We’re going to be using the tcpdump program to listen to DNS traffic between your computer and your DNS server.

Type this command and hit Enter: sudo tcpdump -i en1 -s 128 port 53

(If you’re using Ethernet with a cable, use en0 instead of en1, which is the AirPort wireless interface).

Supply your password when asked to do so.

You should see something like the following:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes

tcpdump should now be running.

Open up another Terminal window and type the following command: curl http://www.csu.edu

This uses the curl program to read the web page located at www.csu.edu.

Going back to your tcpdump window you should see something similar to this:

00:31:37.026520 IP 192.168.1.132.56645 > WANADOO-D310.domain: 19279+ SRV? _http._tcp.www.csu.edu. (40)
00:31:37.029352 IP WANADOO-D310.domain > 192.168.1.132.56645: 19279* 0/0/0 (40)
00:31:37.029849 IP 192.168.1.132.56646 > WANADOO-D310.domain: 49549+ SRV? _http._tcp.www.csu.edu. (40)
00:31:37.032657 IP WANADOO-D310.domain > 192.168.1.132.56646: 49549* 0/0/0 (40)
00:31:37.034345 IP 192.168.1.132.56647 > WANADOO-D310.domain: 46004+ A? www.csu.edu. (29)
00:31:37.279043 IP WANADOO-D310.domain > 192.168.1.132.56647: 46004 1/0/0 A www.csu.edu (45)

Notice 192.168.1.132. That’s me, or really, my MacBook Pro’s AirPort wireless card. Then there’s a greater than sign (>) showing the direction of DNS traffic. WANADOO-D310 is my DNS server, which is actually the DSL modem/router, a.k.a. 192.168.1.1, which is passing domain name lookups to the real DNS servers at my Internet Service Provider (WANADOO, yeah I know goofy name). Remember the network settings we wrote down before starting all this? You’ll notice that the DNS server is 192.168.1.1.

OK, we’ve got a baseline of what our Mac is doing when looking up domain names, let’s apply our new network location “Home” that we created and see the difference.

Back on the Network preference pane, notice the Apply button on the bottom right hand corner. Once you apply your changes, your Mac will begin using the new Location you’ve created.

Take the plunge and click on Apply.

For AirPort wireless connections, you may have to click the Turn AirPort Off button, wait fifteen seconds, then click Turn AirPort On again in order for the new DNS settings to be used.

Going back to the Terminal window where we executed the curl command, and with our changes set, let’s execute another: curl http://www.unc.edu

Results will look like the following:

00:32:33.562589 IP 192.168.1.132.56663 > resolver1.opendns.com.domain: 39356+ SRV? _http._tcp.www.unc.edu. (40)
00:32:33.767237 IP resolver1.opendns.com.domain > 192.168.1.132.56663: 39356 NXDomain 0/0/0 (40)
00:32:33.767856 IP 192.168.1.132.56664 > resolver1.opendns.com.domain: 62833+ SRV? _http._tcp.www.unc.edu. (40)
00:32:33.809161 IP resolver1.opendns.com.domain > 192.168.1.132.56664: 62833 NXDomain 0/0/0 (40)
00:32:33.811130 IP 192.168.1.132.56665 > resolver1.opendns.com.domain: 45293+ A? www.unc.edu. (29)
00:32:33.853070 IP resolver1.opendns.com.domain > 192.168.1.132.56665: 45293 1/0/0 A www.unc.edu (45)

Notice what’s changed? WANADOO-D310.doman has changed to resolver1.opendns.com.domain. This is OpenDNS’ name for the DNS server we started using, 208.67.222.222, which we entered as our DNS for the “Home” location. Also, note how instead of just getting a 0/0/0 response, we’re getting NXDOMAIN 0/0/0? That’s at least the DNS server responding saying: that domain doesn’t exist (not exactly true, since the domain does exist, but it just doesn’t have an SRV record), rather than the DNS server sending back nothing, not even an error code. Also, notice how our Mac tried twice on asking for SRV records, and the DNS server responded twice, that no record exists for that domain, and then finally our Mac asks for an A record (A?) and gets one answer record back (1/0/0 A ww.unc.edu).

If you want to see a domain that actually has a proper SRV record, try this in the curl terminal window: curl http://s3.amazonaws.com

Results should be something like this:

09:36:56.440037 IP 192.168.1.132.61010 > resolver1.opendns.com.domain: 34536+ SRV? _http._tcp.s3.amazonaws.com. (45)
09:36:56.671881 IP resolver1.opendns.com.domain > 192.168.1.132.61010: 34536 2/0/0 CNAME s3-directional-w.amazonaws.com., (97)
09:36:56.673894 IP 192.168.1.132.61011 > resolver1.opendns.com.domain: 18143+ A? s3.amazonaws.com. (34)
09:36:56.715913 IP resolver1.opendns.com.domain > 192.168.1.132.61011: 18143 2/0/0 CNAME s3-1.amazonaws.com., A s3.amazonaws.com (69)
09:36:57.263186 IP 192.168.1.132.61012 > resolver1.opendns.com.domain: 32069+ PTR? 171.206.21.72.in-addr.arpa. (44)
09:36:57.306060 IP resolver1.opendns.com.domain > 192.168.1.132.61012: 32069 1/0/0 PTR s3.amazonaws.com. (74)

Here we’re getting 2 answer records (the “2″ in 2/0/0) on the SRV requests, which are CNAME records, first being s3-directional-w.amazonaws.com, second being s3-1.amazonaws.com. CNAME records are “nickname” records, which point to true name, or A Record. Right after that our Mac asks for an A record on the first CNAME that was returned to us (s3-directional-w.amazonaws.com) to get back the actual IP address (72.21.207.246), which you can verify by using the dig program.

This fix alone has made my Internet connection much faster since my ISP’s DNS servers were sometimes under heavy load and slow to respond to DNS queries. Most of the time, I’d get name requests done in 200-400ms. Not noticeably slow. But, on occasion domain name lookups would timeout after 7 seconds, multiple times, resulting in up to 21 seconds of waiting for a single name lookup request to occur. This is excruciatingly long when I often open up multiple different websites one right after another when starting a browsing session. To make matters worse, many websites are getting into the practice of placing different parts of the web page on different domain names. Let’s take CNN.com for example. To load this single page of President Obama… oh, I mean senator Obama, waving to the crowd, tcpdump showed name lookups for the following domains:

  1. www.cnn.com
  2. edition.cnn.com
  3. i.cdn.turner.com
  4. i2.cdn.turner.com
  5. svcs.cnn.com
  6. ads.cnn.com
  7. i.cnn.net
  8. ad.doubleclick.net
  9. metrics.cnn.com
  10. m1.2mdn.net

One Page. Ten domains. Ten DNS lookups. Ouch. And I’m not including PTR/Reverse Lookups for each domain, making it really 20 DNS queries.

And does anyone wonder why problematic DNS performance in Leopard would slow web browsing to a crawl?

Disable IPv6 DNS Lookups

Firefox and Camino by default do DNS lookups using IPv6 addresses by default, reverting to IPv4 if that fails. This can be a problem when the router that we are using to connect to the Internet doesn’t work with IPv6 DNS requests properly, if at all.

To disable IPv6 DNS lookups in Firefox and Camino, type the following into the browser address bar:
about:config
If you see a large “Be Careful” warning, simply click on “I understand and I wish to continue”. Next, you will see a long list of Preference Name, Status, Type and Value columns. Above all that is a bar in which you can filter which preferences to view. In the Filter bar type: ipv6
You should see something like the following:

To change the value for this preference simply double-click the name “network.dns.disableIPv6″. The value you want is “true”, which means that IPv6 DNS requests are disabled. If this value is already “true”, don’t double-click this preference.

To make the preference change active, close the browser and Quit Firefox completely (Apple Key + Q), then restart Firefox. You may have to repeat this Quitting and Restarting to have the change take effect.

After making this change, Firefox (or Camino if that’s what you’re using) will use IPv4 only when performing DNS requests.

Update DNS Servers on Router

If you have access to your router’s administration web page, you may be able to set its DNS servers manually, avoiding the buggy DNS servers located at your ISP. Refer the manual that came with your router, or speak with your service provider about how to access the router’s administration page. Often this page can be accessed at http://192.168.1.1, so simply type that address into your browser’s address bar and press Enter. With any luck you’ll have access to the Administration login page. Many router administration sites don’t have passwords, don’t have usernames, or use very simple standard passwords such as “admin”, leaving it up to the owner to change it to something more secure. Visit the router manufacturer’s web site for more information about accessing the administration features of the router.

Keep in mind that updating the router’s DNS servers will not avoid problems you may be encountering with the router’s poor DNS Proxying/Forwarding support. If your router can’t handle IPv6 or SRV requests coming from your Mac, these DNS requests will stop here at the router and will not be forwarded onto the new DNS servers you’ve just specified, making this fix completely ineffective. DNS requests that your router cannot understand will likely be ignored or returned without answer results. DNS Proxy/Forwarding issues are discussed further in the next section.

Update Router Firmware

For those who need to continue making DNS requests through their router, rather than directly against DNS servers, due to VPN or tunneling requirements, your fix may lie in upgrading your router’s firmware. Routers are in effect “the” DNS server for the majority of home broadband Internet connections since it acts as the DNS Proxy, taking domain name lookup requests from your computer, passes them to the ISP’s DNS servers for resolution, receives the results, and finally passes the name lookup results back to your Mac, all transparently in the background. This is why your DNS server address is the same as your “Gateway” which is a fancy name for your router, since all traffic passes through this “gate” of sorts. Thus the Gateway address is often 192.168.1.1, which in turn is also the address of the DNS server for the “Automatic” network Location in Leopard.

Be aware that DNS Proxying is a common failure point in the domain name resolution chain. If the router is not compliant with the latest Internet Task Force standards, it may not know what to do with SRV requests (which Leopard now uses) and may simply ignore them, return empty results, or return NXDOMAIN (non-existent) errors. Again, a firmware update may bring your router up to the latest standards for DNS servers.

If the router is a DSL Cable modem/router, contact your ISP and ask whether there is updated firmware for the model of router you’re using. If you’re more of a do-it-yourself person you can attempt to find the manufacturer of the router/modem and find the latest firmware from their website, if available. Disclaimer: updating the firmware of your router with the wrong firmware, or not completing the firmware update due to power loss, will render your router useless. Do not attempt to update the firmware if you are not confident of what you’re doing.

New Information


Update 080606: As per a discussion on Macosxhints forums, Apple may have changed the order in which DNS servers are used. In the screenshot, the listed DNS servers are used in the order they are seen, under Leopard 10.5.2. This is true for a manually configured Network Location. In 10.5.3, users are seeing the opposite order, i.e. In a DCHP configured Network Location (automatically done by your DSL router and ISP), the DNS servers listed are used in reverse order. (Bottom server is used first, then moves up the list as needed). Thus adding a new Network Location to use a given DNS server would be unnecessary.

Update 080614: Airport Wireless Connection Drops - This is a common problem for Leopard users after upgrading to 10.5.2. This isn’t exactly a slow Internet problem, but rather, a “no Internet” problem. See this related post on wireless problems on Apple AirPort connections.

The Beginning

This is not the end, but rather, the beginning of an article that I hope will continue to grow in scope to cover more problems and offer more solutions to slow Internet problems in Leopard. Please leave a comment if you’re experiencing a problem not discussed here and we’ll get working on diagnosing the issue and searching for a cure.

If you’re having troubles implementing a fix listed above, leave a comment and I’ll try to expand on the topic or reword it so that it is understandable to you and to everyone else I’ve confused.

Keep in the Loop

- Ben


Related posts:

  1. Debugging Mac OS X DNS - tcpdump
  2. 1.0.0.127.dnsbugtest. 1.0.0.127.in-addr-arpa
  3. Automountd trying to connect to Backups.backupdb

Tags: , , , , , , , ,

This is odd. I am running a Mac with OS X 10.5.3 and tcpdump shows it is requesting A records right from the get go, no requests for SRV records first. I did not make any changes to the network configuration, just pointed the Mac at my wireless router from D-Link which serves as a DNS server and a DHCP server. I do see DNS performance problems sometimes, but A vs SRV doesn’t seem to have anything to do with it. I also didn’t see anything IPv6ish going on. So I guess the Comcast DNS servers are slow…

Me neither, Tilo, no SRV requests coming directly from Safari/Firefox/Camino at least on my MacBook under 10.5.2. For me it was definitely slow/unresponsive DNS servers at my ISP. OpenDNS on the other hand is very consistent in DNS performance considering they currently handle 30,000 lookups/sec as of June 2008 and DNS is their core business.

Wow, I have been dealing with slow internet for months now, and spending hours trying to implement contradictory advice on this issue from countless mac osx forums… and this post (namely the DNS instructions) just fixed it all.

I had previously played around with the DNS servers, and had added in openDNS servers, but whatever order I was doing it in, in addition to tweaking other router/airport settings, was providing a one-step-forward, two-steps-back solution for me.

Thank you so much. I just breathed out a giant sigh of relief.

Shannon, thanks for your reply and I’m really glad the instructions helped. You’re most welcome.

I know exactly how you feel about the “countless contradictory bits of advice” which is exactly what I found when starting to debug this slow Internet on Leopard problem. It was like building a jigsaw puzzle, but some pieces just wouldn’t fit (because they belonged to other puzzles).

Hi,

linked here from
macrumors forum and found your article extremely useful!

it was well written and concise, and featured step-by-step accounts on how to update my dns. also, i liked how you analysed the problem and explained clearly in layman’s terms so that people like me (who can be quite tech-stupid) can still understand what went wrong.

thanks for your help again, my internet runs perfectly now. cheers i owe you a drink ;)

Hi Ben,

Thanks for the post - it seems there are a zillion posts about this on the web - yet none of them do anything! i have tried implementing your fix, but it doesnt seem to have worked on my iMac. I have a 24″ iMac Intel Processor, running Leopard 10.5.3. I followed all the steps you outlined but doesn’t seem to have made a difference…. My wireless shows near full if not full connection, yet it runs like a 56k modem, and eventually stops picking up anything - if i plug in ethernet from same modem its perfect….

Could you offer any guidance on this issue?

Cheers

Jon

Hi Jon,

I recently ran into some Apple AirPort wireless Internet problems myself with Leopard 10.5.2. In particular the wireless connection strength would momentarily drop, Leopard would search for another stronger base station without success, but in the meantime, my current connection to my original base station is lost, never to return.

The fix was rather simple: delete the com.apple.airport.preferences.plist file and let Leopard create a new one. Get the full instructions here.

Ok, I have an interesting dilemma… We are running this Mac on an Active Directory domain. Thus, it wants to use our domain and it’s lookup first. And if I change the DNS (well, if I add another DNS, like OpenDNS) it will break it’s ability to talk locally on the network.

I did add the domain to /etc/resolver like I saw how to do somewhere else on google. This fixed the ‘not being able to locally connect to stuff’ problem, but the internet on these Mac’s are still terribly slow. Those DNS entries I put in for opendns, do work on my own MacBook pro, so it’s not them. And, they are on the bottom of the dns reverse lookup (meaning they should be used first).

Anyone have any suggestions?

Jason,

The reason OpenDNS servers (simply added to your current Network location’s DNS servers) break your Mac’s ability to talk to local services, is because OpenDNS will always return a location record for any request. This is how they make their money: by returning search results for non-existent domains. Even ISPs have started this practice, so it’s becoming ever more rare to avoid this problem.

I’m wondering if you followed a good set of “google instructions” or a bad set.

Have you tried these instructions on using specific dns servers for specific domains?

Any ideas on how to do this for safari?..

Thanks much for these instructions and to mac rumors, that’s where I found the link for your site.

I followed along and got to the terminal part but for some reason it wouldn’t accept my password, tried a few times with no luck. So I went ahead and hit Apply and it seemed to work but then I lost the connection. So I went back to Automatic and it was connected and I noticed I had a new IP address. So far it seems to be faster than it was.

What I don’t understand is how did I get a new IP address. My understanding was that it can’t be changed.

As long as it works I’m happy.

Thanks again.

Thank you very much for your explanations. I recently installed Leopard on a powerbook G4 1,25 Ghz and the internet connection was very low. using your instructions, the connection is now very good.
I did the same thing on my Macbook Pro which was, by time, slow too and it is now well configured for surfing!
Thanks a lot

Thanks U..I was having hell with slow Browsing and Download speeds… I installed Firefox and disabled IPv6… now 100% but better.

Jamaica

Hello Ben,

I now have much faster internet again! Thank you so much for this help. Many other sites explained the problem well enough, but only this site gave a working solution! Thank you for explaining how to solve Leopard slow internet / slow DNS issue by bypassing the router for DNS queries using network preferences!

A couple of questions on bypassing the router’s DNS.
1. It appears that adding the DNS server in network preferences under one account applies to all accounts. Is this correct? (Note that if you change the IPv6 setting in Firefox that must still be done for each user account).
2. If I wanted to I could still use the DNS provided by my ISP by specifying that server instead of or in addition to the OpenDNS servers, correct?

BTW, I promoted this search result in Google because it was such a helpful support article. I will also promote it at the other sites that I used when trying to solve this problem. Thanks Ben!
============
Below is a description of my problem and how I solved it so that it might help others fix their slow internet / DNS issues / cannot connect to server in OS X Leopard.
============

I had been having trouble connecting to websites periodically ever since I got an aluminum MacBook. The problem was occurring in Firefox, Safari, and even non-browser programs. I had the hardest time figuring out the cause. I noticed Firefox would display “looking up …” or “waiting for server …” in the status bar for several seconds. Once the site was found content loaded very quickly. But some sites would refuse to load. Clicking refresh would not get the site to load no matter how many times I tried. Only waiting a long time and trying again would work.

On Apple’s support site I saw many people complaining about poor internet speeds and they believed it was due to a bug with the wireless card on the late 2008 aluminum macbooks. Well I thought this might be the problem too, but there seemed to be no solution. Then I tested with a mid 2008 white macbook and found there was still the same problem. So I figured the problem was elsewhere.

Well I eventually found some information describing the cause of the problem on the JungleDisk blog http://blog.jungledisk.com/2007/10/31/leopard-dns-issues-and-work-around/ . The solution I got from that site and others was to flush the DNS cache of OS X. However, this does not prevent the problem from occurring. It only made the computer actually retry to contact the server. I was still having slow connections and still getting “failed to connect to server” or “server not found”.

Then I tried to use a different DNS server. I changed my router settings to use OpenDNS instead of my ISP’s DNS servers. This still did not resolve the problem. I also tried updating my router’s firmware. However, there is no newer firmware and no IPv6 support. It looks like my router will never be compatible with IPv6. I was planning to get a new router anyways. Now when I upgrade I will look for IPv6 support!

Having found the wonderful article here, I learned that it was possible to bypass the DNS server/forwarder inside my router. Then I could choose a DNS server that supports the SRV requests that Leopard uses. This way the broken link in the chain is eliminated.

So I followed your instructions to add the OpenDNS servers to OS X network configuration (not my router’s config). This bypasses the DNS in the router and uses the DNS server directly. This solved the problem!

For good measure, I also turned off IPv6 support in Firefox.

I now have much faster internet again! Thank you so much for this help. Many other sites explained the problem well enough, but only this site gave a working solution! Thank you for explaining how to solve Leopard slow internet / slow DNS issue by bypassing the router for DNS queries using network preferences!

Erik,

Impressive comment!

In response to your questions:
1. It appears that adding the DNS server in network preferences under one account applies to all accounts. Is this correct? (Note that if you change the IPv6 setting in Firefox that must still be done for each user account).

Yes, I believe DNS settings are a system wide setting that are set in place even without anyone logged in.

2. If I wanted to I could still use the DNS provided by my ISP by specifying that server instead of or in addition to the OpenDNS servers, correct?

Yes you can still use the DNS provided by your ISP as a backup. Multiple DNS entries will be used in reverse order, i.e. last DNS server entered will be the first tried when performing name to IP lookups.

Thanks for your excellent feedback,

Ben

Ben, your explanation was fantastic. I’ve never used Terminal for anything before, but felt very comfortable following your instructions. My wife’s Macbook is now browsing at lightning speed. (I’m still not sure why things slowed down suddenly on her machine only a couple of days ago, but what the heck!)

Thanks and Happy New Year.

>If you have access to your router’s administration web page, you may be able to set its DNS servers manually, avoiding the buggy DNS servers located at your ISP.

I don’t understand. What DNS servers do I set manually. Where do I find in my Router admin to set dns servers, and what do I set them to?

Hi Keith,

The DNS servers I would recommend would be OpenDNS servers.

To enter the administration website of your router, you’ll need to refer the instruction manual that came with it. You’ll basically be able to access the administration site as if it were a website on the Internet, yet it controls the router itself.

Best regards,

Ben

Thanks Ben. It works great for one Mac, however, the other still doesn’t work, although I only did the DNS change on the router. What other part do you think I need to do to the other Mac to make it work as well?

Keith

I’m completely computer illiterate and I was able to do this. The only part I couldn’t understand was “open a Terminal window.” But when I minimized the System Preferences window and hit Safari to look online for what a terminal window was, I didn’t need to worry about it, because the internet was moving a lightning speed again. So I just applied the changes you instructed.

Thank you, thank you, thank you!!!!

Thank’s so much! You have saved my life! I was searching for this solution for month and it was worse after oday Airport updates.

I apologize for my bad English, I am a French speaking person from Montréal.

Ben…..this explanation is great!!! Thanks!!!

When I tried to access a web page it took 2-4 seconds (showing “Contacting…” in the Safari status bar) before starting to display content, sometimes missing parts and sporadically timing out.

In an attempt to solve it I installed Safari v4 beta; I may be wrong, but it felt the “Contacting…” time even increased. However, displaying the content seems to go faster.

For me your first solution “Direct DNS” did the trick! “Contacting…” time less than half a second now. I am grateful.

Also looked at your second solution “Disable IPv6″, but entering “about: config” does not display results. It may wel be that that’s because I am using a beta version now.

WOW I searched forever and this was exactly what i needed. Thanks again for doing this.

Ben, I can’t thank you enough. Like others, a Google search found many forums on this problem but your solution is the only one that worked. My 20 mbps connection is now acting as it should. If only Apple would fix this issue with an update or in Snow Leopard.

Thanks again.

I have had the wireless issue on my iMac (2008 edition) for months and after eliminating most of the other possible causes, I concluded that in my case the problem is most likely related to DNS/SRV lookup issues. My iMac running OSX 10.5.6 would not stay connected. The same machine on the same wireless network in the same environment running xp in bootcamp had no problems with the wireless network. I was not able to get any of the solutions on this page to work (I believe due to my ISP blocking other DNS servers).

Well, I updated to 10.5.8 last night and my wireless is now working in OSX. There is a reference in the release notes related to wireless:
“compatibility and reliability issues when joining AirPort networks”

So, give 10.5.8 a try - I am sure it won’t solve everyone’s problem, but you may get lucky. Maybe Ben can do some testing to see if there really is a fix.

This have fixed issues on my mac. Paypal and Amazon for example did not completely load. It was as if the css files did not load. These files were on a different domain name when I had a look at the html source, and my mac did not want to resolve do those domain names.

However I still have another interesting issue: whenever I try to connect via FTP with FileZilla, the directory listing times out. In other words it does connect but the directory listing creates problems. All the above did not fix this issue yet.

I have solved the FTP problem. My router MTU setting was set to 1423 and my network connection on my Mac was set to 1500. I have changed the setting to manual and to 1423, and now it works. It was on auto, so it seems that auto does not work.

Wow I really want to say that you’ve done a terrific job Ben, I reinstalled Mac os x to fix the problem but the slow-internet problem still persisted. Then I found your guide here and it was such a great help! Again, thanks Ben, wish you all the best.

Ben,

I followed all your advice above, but the only thing that got better is my PING. It went from about 400ms to 230ms, which is still poor. This is really frustrating because I pay $80/month for 10mbps internet, but get on average about .5mbps. The other people I live with don’t have any problems. In fact, it seems like every time they use the internet for any reason, it takes practically all my bandwidth away. Also, my upload speed is consistently higher than my download speed.

We have called our ISP multiple times complaining. The tech support even had us write an email to the corporate office, but we have not received a reply, and probably won’t.

Is it possible my computer is slowing it down? Another guy that lives here has a brand new mac, but has no problems. The other guy has a PC, but also has no problems. It’s only when my computer is involved when it slows down. Could it just be my computer? I have a MacBook Pro I bought in 2007. If so, is there anything else you recommend?

If you decide to help me out, please put it in simpler terms as I do not know the entire internet nerd jargon (Ha ha).

Katy

Thanks for this! Setting up a new network location with the OpenDNS servers solved the problem perfectly. I especially appreciate your clear instructions, as I am a total luddite, but was able to follow.

Thanks again!

Great information. Some combination of using OpenDNS and disabling IPV6 did the job for me. I think my Netgear WGR614 router is partially to blame, I’ve read elsewhere that it doesn’t play nice with IPV6 requests.

Hi.. I did what you described (I’m not a computer person.. and I find this all very confusing, but managed to get through until the dig program part.) my internet is still slow.. and I don’t know what to do. This is a recent occurrence and is really getting on my nerves.

I have a Mac OS X version 10.5.8

what should I do?

Thanks. I did as instructed and made sure I saved the plist but didn’t bother with the terminal pages.

Final set-up was using DHCP and simply added the suggested DNS servers. I cannot believe the difference it has made. Phenomenal!

I checked out the BBC news iste that is usually a bit sluggish and it flew.

Brilliant - many thanks

Michael

Ben Thank you soOooo much, you just made me feel very powerful…
I had a PC and just bought a Macbook…was just about to regret my purchase with such a slow connection…everything sorted out now, thank you for making it possible!!

I read all of the comments, complaints and solutions offered on various sites for slow Safari. Mine has been killing me. Pages won’t load, or only will load if I stop and start the load over and over. It is incredibly slow on many pages/sites, but super fast on other sites or when I do a speed test (speedtest.net). I tried configuration changes to Safari and my router, using OpenDNS, and all those suggestions off the boards. My Windows PC works fine and does not have the slow internet problems. I have a cable modem and separate Belkin $80 router. Belkin has never offered any SW updates, and I have the most recent updates for all MAC SW. It got worse (slower) with updates of MAC SW, not better. When I plug directly into the cable modem Safari works fine. Through the router, whether wifi or cat-5, it does not work well, as described above. I believe that the router is not forwarding or proxying messages that Safari now requires (DNS related and other things maybe). I bought a new router, which happened to be the MAC router extreme, and all works totally fine! That’s it. You can beat your head against a wall playing with things, or just go buy a new router that deals with it.

This is an excellent article - thanks for posting!

I think changing the DNS server is doing the trick - I will see how it goes long term.

Awesome job Ben! My wife and I both have Macs and have had the slow internet issue for like two years or more. Just changing the DNS to the one recommended
did the trick for both or our computers. How easy was that. Do you know how much time I have waisted sitting and waiting for AOL to launch or countless websites to load?… It’s like having a new computer!
Sincerely,
Ryan and Noelle

Thanks so much for the DNS suggestions. My machine is now working at lightning speeds.

thanks a lot.. its quite sad its not helped me though.. im so so so tired of my mac.. i bought a second hand n dont hav the user password! phew.. guess il have to sell it off too.. :(

Thanks Ben!
I can’t believe how simple you made the solution sound. I began reading your article not even understanding DNS though I still don’t understand iPv4. but who cares because your fix will make me a hero now that our internet is back in the fast lane.
Thanks,
Brian

I’m sooo frustrated.
-I have a cable modem > Netgear router > 3 computers.
-An iMac with SnowLeopard - 10.6.2 - no internet slowness at all
-Dare i say, a Windows XP PC - no internet slowness either.
-A G4, dual 1.8 Ghz with 1.5GB of RAM. I’ve erased and installed fresh, Leopard 10.5. = internet is crawling.
I’ve tried adding the DNS as you’ve described above by duplicating the Location. Everything was checking out fine thru Terminal, but still the browsing was a problem. I don’t get it.
I restarted Safari. I rebooted
Still slow.
I’m reluctant to change anything on the router, because the other 2 machines are absolutely fine.
Please advise?

This advice was great! I’m terrible at trouble shooting, and was able to follow your advice perfectly. Disabling the IPv6 DNS lookups is what fixed it. *big sigh*- thank you!

Thank you for your help. The only thing I was able to get it to work was to change the MTU settings to 1452 which I read on the numerous sites that I have been browsing trying to solve this problem. It worked great, for 30 minutes. THen it started all over again. When I tried your solution, I got to terminal where I entered the Tcdump command and it said device not configured so I could not go on from there. Any suggestions?