[dns-operations] Geoff Huston on DNS-over-TCP-only study.

George Michaelson ggm at apnic.net
Wed Aug 21 05:48:56 UTC 2013


On 21/08/2013, at 3:23 PM, Paul Vixie <paul at redbarn.org> wrote:
> 
> Dobbins, Roland wrote:
>> <http://www.circleid.com/posts/20130820_a_question_of_dns_protocols/>
> 
> canard.
> 

We invested quite a lot of time re-checking things with a shorter EDNS0 limit coded into BIND, to confirm the TCP failure rate, without the use of the CNAME to force the initial response over the limit (i.e., removing the complication of the CNAME intermediary). It was interesting that even when the A record information appears to be in the TC response, people ignore it and fall back to TCP anyway. I had worried the presence of valid answer and truncate in additional would cause some number of tested people to take the pre-truncation data anyway. It doesn't appear to happen.

The results with a simpler A-only forced TC test the same: we see a gross rate of resolver failure to complete at 17% and a user rate of 2%, bearing in mind the extensive use of Google 8.8.8.8 and, in general, 2+ resolvers per client.

So, while I understand we're not DNS experts and we may well have made some mistakes, I think a one-word 'canard' isn't helping.

-G
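
The client behaviour described in this message (a UDP response with TC set is not used even when it carries an A record, and the query is retried over TCP), as an added example that is not part of the original post or of the APNIC test code. The function names, the query name example.test, and the sample response are constructed for illustration.

```python
import struct

QR_FLAG = 0x8000  # response bit in the DNS header flags word
TC_FLAG = 0x0200  # truncation bit (RFC 1035 section 4.1.1)

def build_response(truncated, qname="example.test", addr=(192, 0, 2, 1)):
    """Constructed sample: a UDP response carrying one A record, TC optional."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.split("."))
    flags = QR_FLAG | 0x0100 | 0x0080 | (TC_FLAG if truncated else 0)  # QR, RD, RA
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, 1, 0, 0)
    question = labels + b"\x00" + struct.pack("!HH", 1, 1)   # QTYPE=A, QCLASS=IN
    # Answer name is a compression pointer to offset 12 (the question name).
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(addr)
    return header + question + answer

def parse_header(msg):
    """Return the header fields needed for the truncation decision."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    ident, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": ident, "qr": bool(flags & QR_FLAG),
            "tc": bool(flags & TC_FLAG), "rcode": flags & 0x000F,
            "ancount": ancount}

def next_step(udp_response):
    """What a client does with a UDP response: drop, retry over TCP, or use it."""
    hdr = parse_header(udp_response)
    if not hdr["qr"]:
        return "drop"
    if hdr["tc"]:
        # Truncated: the answer section is not trusted even if ancount > 0.
        return "retry-tcp"
    return "use-answer"

def frame_for_tcp(query):
    """DNS over TCP prefixes each message with a 2-byte length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(query)) + query

if __name__ == "__main__":
    for truncated in (True, False):
        resp = build_response(truncated)
        print(truncated, parse_header(resp)["ancount"], next_step(resp))
```
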







