Inline..
Chris Paul wrote:
Joe Greco wrote:
But we only care about TCP connection setup time in *interactive*
sessions (a human using something like the web). If you have a
persistent connection to your dns server from your dns resolver on
your browser machine, you just send the request.... no TCP setup
there at all. You can even pool connections. We do this stuff in LDAP
all the time.
How does TCP resolution work in most resolver libraries? A TCP
connection for each lookup? That is kind of dumb isn't it, speaking
of dumb.... I actually don't know. Not much of a coder, so I'll let
you coders check your code and get back to me on that...
well.. maybe i'll fire up snort or wireshark and check it out later
with some different dns libs....
Pretending for a moment that it was even possible to make such large
scale changes and get them pushed into a large enough number of
clients to matter, you're talking about meltdown at the recurser
level, because
it isn't just one connection per _computer_, but one connection per
_resolver stub_ per _computer_ (which, on a UNIX machine, would tend to
gravitate towards one connection per process), and this just turns
into an insane number of sockets you have to manage.
Couldn't the resolver libraries be changed to not use multiple connections?
And we'll change to IPv6 tomorrow!
CP
--
Victor Jerlin, CTO
Gränslösa System GSYS HB
Cell#: +356-9999-0125
