[dns-operations] Random question about Google resolver behaviour and long-lived TCP sessions

Petr Špaček petr.spacek at nic.cz
Mon Sep 30 11:14:50 UTC 2019

On 27. 09. 19 18:19, Alexander Dupuy via dns-operations wrote:
> Tony Finch wrote:
>     So I wonder if Google have implemented EDNS TCP keepalive. If you change
>     what BIND calls tcp-advertised-timeout, do Google's TCP connection
>     lifetimes change to match?
> Google Public DNS has not implemented EDNS TCP keepalive, neither as a server for its clients, nor in its TCP connections to authoritative servers. Has BIND added support on its client side, or only as a DNS server? It seems like Unbound has client and server-side support (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231283), and the GetDNS client code also supports it (https://getdnsapi.net/releases/getdns-0-9-0/) but those are the only ones I found.

Knot Resolver has a stub implementation of EDNS keepalive:

Quote from docs:
The edns_keepalive module implements RFC 7828 for clients connecting to Knot Resolver via TCP and TLS. Note that client connections are timed-out the same way regardless of them sending the EDNS option; the module just allows clients to discover the timeout.

When connecting to servers, Knot Resolver does not send this EDNS option. It still attempts to reuse established connections intelligently.

> I don't see any implementations of RFC 8490 (DNS Stateful Operations).

BTW the protocol is complex like hell so I do not see it being implemented soon, if even, in Knot Resolver.

Petr Špaček  @  CZ.NIC

More information about the dns-operations mailing list