[dns-operations] Cloudflare considered harmful?
Viktor Dukhovni
ietf-dane at dukhovni.org
Fri Apr 17 21:38:30 UTC 2020
On Fri, Apr 17, 2020 at 01:19:02PM -0700, Marek Vavruša wrote:
> This should be fixed as of yesterday.
Thanks! Yep, it is working now:
$ hsdig -n 1.1.1.1 -t soa _25._tcp.blue.xy1.nl.
; NoError AD=1
_tcp.blue.xy1.nl. IN DNAME _tcp.xy1.nl.
_25._tcp.blue.xy1.nl. IN CNAME _25._tcp.xy1.nl.
_25._tcp.xy1.nl. IN CNAME _dane.xy1.nl.
xy1.nl. IN SOA ns1.xy1.nl. dns at xy1.nl. 2020030334 86400 7200 3628800 300
I'm also seeing much better performance from the DANE survey today,
somehow between Cloudflare, Verisign, Google and Quad9 the throughput is
today at ~850 domains/sec ~1.6x higher than prior at ~540/sec. Some
stats from dnsdist:
Address Qps Wt Lat
1.0.0.1 507.1 800 215.1
1.1.1.1 519.5 800 227.6
64.6.64.6 521.7 800 156.3
64.6.65.6 536.3 800 179.3
8.8.4.4 232.5 400 175.5
8.8.8.8 251.6 400 168.9
9.9.9.10 145.8 200 236.6
149.112.112.10 124.8 200 265.8
All 2835.0
--
Viktor.
More information about the dns-operations
mailing list