How are you measuring slowness, please.
Can you show us the “This is fast” timer, and then the “And this is slow” timer. What is that timer, what application/measurement are you using?
Outgoing timeouts are almost certainly a network issue/upstream DNS resolver rate-limiting you or similar.
You’ve looked at your connection tracking table? You’re not having issues with it? Maybe try bypassing any connecting tracking for DNS lookups (here, I wrote a thing about it) and see if that helps with your connection timeout issues.
Trying to help troubleshoot while being drip-fed information is incredibly frustrating I might add
thanks for the suggestion. Im going to close the issue for now since I cant “show” the slowness. The slowness is not something that shows in dig or single queries. I can only compare how fast pages load before and after reset dns forwarding all. Its likely network-timeout=1500 is too long and waiting too long in recursor mode. If there is some better way to show the slowness please let me know and I’ll open the issue on pdns github when I have more data.
Outgoing timeouts means that your resolver couldnt reach the authoritive server it was trying to reach.
Default timeout for such is 2 seconds so if the authoritive server doesnt reply within 2 seconds the resolver will move on to next authoritive server until all have been queried for a specific domain and then giving up.
For you as the client it might feel like something is slow because the resolver cannot reply back to you until it got a final answer (or until all options have been tested with 2 second timeout between each attempt).
You will encounter the similar when trying to login to a ssh-server where your client ip is lacking a PTR-record. If this server is configured with 3 dns resolvers it will take about 6 seconds before you get a login prompt at your ssh-server during your attempt to connect to it. The feeling for the client is that its “slow” to connect to this ssh-server.
These timeouts can be altered (like lowered to lets say 1 second) but will probably lead to more timeouts specially from servers far away or congested authoritive servers.