[dns-operations] Random question about Google resolver behaviour and long-lived TCP sessions
petr.spacek at nic.cz
Mon Sep 30 11:14:50 UTC 2019
On 27. 09. 19 18:19, Alexander Dupuy via dns-operations wrote:
> Tony Finch wrote:
>> So I wonder if Google have implemented EDNS TCP keepalive. If you change
>> what BIND calls tcp-advertised-timeout, do Google's TCP connection
>> lifetimes change to match?
> Google Public DNS has not implemented EDNS TCP keepalive, neither as a server for its clients, nor in its TCP connections to authoritative servers. Has BIND added support on its client side, or only as a DNS server? It seems like Unbound has client and server-side support (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231283), and the GetDNS client code also supports it (https://getdnsapi.net/releases/getdns-0-9-0/) but those are the only ones I found.
Knot Resolver has a stub implementation of EDNS keepalive:
Quote from docs:
The edns_keepalive module implements RFC 7828 for clients connecting to Knot Resolver via TCP and TLS. Note that client connections are timed-out the same way regardless of them sending the EDNS option; the module just allows clients to discover the timeout.
When connecting to servers, Knot Resolver does not send this EDNS option. It still attempts to reuse established connections intelligently.
> I don't see any implementations of RFC 8490 (DNS Stateful Operations).
BTW the protocol is complex like hell, so I do not see it being implemented soon, if ever, in Knot Resolver.
Petr Špaček @ CZ.NIC
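An added example, not part of the original message and not Knot Resolver code: how a client can discover the advertised idle timeout with the RFC 7828 edns-tcp-keepalive option (option code 11, sent empty by the client, answered with a 2-byte timeout in units of 100 ms). The query name, the 1232-byte payload size and the sample response are constructed for illustration.

```python
import struct

OPT_RR_TYPE = 41           # EDNS(0) OPT pseudo-RR (RFC 6891)
TCP_KEEPALIVE_OPTION = 11  # edns-tcp-keepalive option code (RFC 7828)

def encode_name(name):
    """Encode a domain name in uncompressed DNS wire format."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_message(qname, flags, keepalive_data, msg_id=0x1234):
    """One A/IN question plus an OPT RR carrying the keepalive option."""
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 1)
    question = encode_name(qname) + struct.pack("!HH", 1, 1)
    option = struct.pack("!HH", TCP_KEEPALIVE_OPTION, len(keepalive_data)) + keepalive_data
    opt_rr = b"\x00" + struct.pack("!HHIH", OPT_RR_TYPE, 1232, 0, len(option)) + option
    return header + question + opt_rr

# Client query: the option is sent with zero length (RFC 7828).
QUERY = build_message("example.com", 0x0100, b"")
# Constructed sample response advertising 100 x 100 ms = 10 s idle timeout.
SAMPLE_RESPONSE = build_message("example.com", 0x8180, struct.pack("!H", 100))

def skip_name(msg, off):
    """Offset just past the name at off (labels or a compression pointer)."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def keepalive_timeout(msg):
    """Return the advertised idle timeout in seconds, or None if not advertised."""
    qd, an, ns, ar = struct.unpack_from("!HHHH", msg, 4)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        rdata = msg[off + 10:off + 10 + rdlen]
        off += 10 + rdlen
        if rtype != OPT_RR_TYPE:
            continue
        pos = 0
        while pos + 4 <= len(rdata):           # walk the EDNS options
            code, olen = struct.unpack_from("!HH", rdata, pos)
            if code == TCP_KEEPALIVE_OPTION and olen == 2 and pos + 6 <= len(rdata):
                return struct.unpack_from("!H", rdata, pos + 4)[0] / 10
            pos += 4 + olen
    return None
```

On a real TCP or TLS connection each message is additionally prefixed with its 2-byte length before being written to the socket.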