> On Mar 20, 2020, at 12:43 AM, Ralf Weber <[email protected]> wrote:
>
> Moin!
>
>> On 20 Mar 2020, at 1:13, Rob Sayre wrote:
>> The introduction says:
>>
>> "DNS over QUIC (DoQ) has privacy
>> properties similar to DNS over TLS (DoT) specified in RFC7858, and
>> performance characteristics similar to classic DNS over UDP."
>>
>> I think you might want to drop this text on performance characteristics,
>> since it seems to imply DNS over UDP has better performance characteristics.
> Well DNS over UDP has better performance characteristics than DoT and DoH.
> That is not up for discussion. That is a fact. You can get way above
> a million of DNS queries using regular DNS on a vanilla box, which is
> simply impossible with DoH/DoT no matter how good you tune your test or
> box. Latency in lab tests of DNS server usually is measured in microseconds
> and not milliseconds.
>
> Simple common sense will tell you that an unencrypted protocol always will
> be faster than an encrypted protocol and that a stateless protocol (UDP)
> will be faster than a stateful protocol (TCP), because it doesn’t need to
> have any code for checking state. QUIC BTW is based on UDP.
>
And common sense may or may not be right. For many implementations of QUIC, encryption is not the bottleneck. You can run AES GCM at 20 Gbps or more on a single CPU thread. The actual bottleneck is the cost of UDP socket operations.

-- Christian Huitema
