[dns-operations] Always replying to UDP requests with TC=1, good practice or not
Paul Vixie
paul at redbarn.org
Mon Oct 19 07:06:30 UTC 2015
On Monday, October 19, 2015 08:28:28 Ralf Weber wrote:
> Moin!
Blargh!
> ...
> In general answering TC=1 for every query seems like a bad idea as it
> triples the RTT for every query, as others said.
no one has argued in favour of that. no one i know has done it in production.
and the patent i'm thinking of doesn't work that way. so, let's discuss what's
actually being done:
    process_udp(src_ip, src_port, dns_payload) {
        // no recent TCP from this source: make it retry over TCP
        if (!has_done_tcp_recently(src_ip)) {
            send_tc_1(src_ip, src_port, dns_payload);
            return;
        }
        // answer normally
    }
the function has_done_tcp_recently() can be a time-series bloom filter, thus
approximate for non-negative answers, an acceptable loss of performance since
it means that on positive collision ("maybe"), an extra TCP session is
incurred.
it's still a bad idea, even though most UDP queries are answered without TC=1.
--
Paul
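
An added example, not part of the original message and not code from any production server: one way to build the has_done_tcp_recently() check above as a two-generation rotating Bloom filter. The names note_tcp, struct tcp_seen, BITS, K and WINDOW, the IPv4-only key, the FNV-1a hashing and the explicit `now` argument are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define BITS   (1u << 16)  /* bits per generation (assumed size) */
#define K      4           /* probes per address */
#define WINDOW 60          /* seconds per generation (assumed) */

struct tcp_seen {
    uint8_t  gen[2][BITS / 8]; /* gen[cur] is filling; the other is the previous window */
    int      cur;
    uint64_t epoch;            /* now / WINDOW at the last rotation */
};

/* Seeded FNV-1a over the four IPv4 address bytes. */
static uint32_t fnv1a(uint32_t ip, uint32_t seed) {
    uint32_t h = 2166136261u ^ seed;
    for (int i = 0; i < 4; i++) { h ^= (ip >> (8 * i)) & 0xff; h *= 16777619u; }
    return h;
}

/* Bit index of probe i for this address (double hashing, odd stride). */
static uint32_t probe(uint32_t ip, uint32_t i) {
    return (fnv1a(ip, 0) + i * (fnv1a(ip, 0x9e3779b9u) | 1)) % BITS;
}

/* One window elapsed: current becomes previous. Two or more: forget everything. */
static void rotate(struct tcp_seen *s, uint64_t now) {
    uint64_t e = now / WINDOW;
    if (e == s->epoch) return;
    if (e - s->epoch >= 2) memset(s->gen, 0, sizeof s->gen);
    else { s->cur ^= 1; memset(s->gen[s->cur], 0, sizeof s->gen[0]); }
    s->epoch = e;
}

/* Call when src_ip completes a DNS exchange over TCP. */
void note_tcp(struct tcp_seen *s, uint32_t ip, uint64_t now) {
    rotate(s, now);
    for (uint32_t i = 0; i < K; i++)
        s->gen[s->cur][probe(ip, i) / 8] |= (uint8_t)(1u << (probe(ip, i) % 8));
}

/* 0 is exact (no TCP seen in the retained windows); 1 means "maybe". */
int has_done_tcp_recently(struct tcp_seen *s, uint32_t ip, uint64_t now) {
    rotate(s, now);
    for (int g = 0; g < 2; g++) {
        uint32_t i = 0;
        while (i < K && ((s->gen[g][probe(ip, i) / 8] >> (probe(ip, i) % 8)) & 1)) i++;
        if (i == K) return 1;
    }
    return 0;
}
```

With these settings an address is remembered for between one and two WINDOW periods after its last TCP exchange, in a fixed 16 KiB of state regardless of how many sources are seen.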