[dns-operations] Resolver preference: Long TCP sessions vs repeated handshakes?
Florian Weimer
fw at deneb.enyo.de
Mon Sep 26 20:41:43 UTC 2016
* Ray Bellis:
> On 23/09/2016 13:47, Florian Weimer wrote:
>> RFC 5966 section 5 suggests that concurrent TCP connections to resolvers
>> should be avoided.
>
> No, it says that they MUST be _minimized_. That's altogether
> different.

I'm not sure I understand the difference.

> That said, RFC 5966 has been replaced by 7766, which now says (§6.2.2):
>
> To mitigate the risk of unintentional server overload, DNS clients
> MUST take care to minimize the number of concurrent TCP connections
> made to any individual server. It is RECOMMENDED that for any given
> client/server interaction there SHOULD be no more than one connection
> for regular queries, one for zone transfers, and one for each
> protocol that is being used on top of TCP (for example, if the
> resolver was using TLS).

This is not very illuminating, either.

What does RFC 7766 mean by “client”? A whole host, or an individual
process (or even thread in a process) running on a host?