[dns-operations] Resolver preference: Long TCP sessions vs repeated handshakes?

Shane Kerr shane at time-travellers.org
Fri Sep 23 13:59:10 UTC 2016


At 2016-09-23 14:47:13 +0200
Florian Weimer <fweimer at redhat.com> wrote:

> RFC 5966 section 5 suggests that concurrent TCP connections to resolvers 
> should be avoided.
> Due to architectural constraints, I have a choice between multiple 
> parallel connections and long-term connections, or a new TCP connection 
> for each query (which is closed after the response is received).
> Which option is preferred by resolver operators?

While I think it is good to ask operators, I doubt that anybody has
much experience with large numbers of stub resolvers that use TCP.
(It's *possible* that nailed-up TCP may result in fewer packets and
actually reduce server load, for example.) So I'm not sure operators
will have a better idea how to advise you than anyone else.

I think some simulations would be the best approach to understand the
implications. Something that could replay the same traffic in UDP or
TCP (using the original timings) would give you a tool you could use to
measure server impact. If such a tool doesn't exist it sounds fun and
not too hard to build - contact me off-list, maybe BII can build this
for the research. :)

> This is about a special mode which uses TCP by default, which is 
> activated by system administrators to work around issues with UDP packet 
> delivery.  The default mode still tries UDP first.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160923/40dc1089/attachment.sig>

More information about the dns-operations mailing list