On Sun, Mar 22, 2020 at 2:46 AM Ralf Weber <[email protected]> wrote:

> Moin!
>
> On 20 Mar 2020, at 19:39, Rob Sayre wrote:
> > Yes, at which point one can switch to user space networking if really
> > necessary.
> Which has been done for DNS, but usually with special cards that did
> offload other UDP functions also.
>

I was thinking of software solutions. The ones I've used are closed source, but there is a nice open example now:

http://www.f-stack.org/

Tencent uses it for a fairly large service called "HttpDNS":

https://cloud.tencent.com/product/hd
https://mc.qcloudimg.com/static/qc_doc/0921907717d6d7604293f2636524f91f/doc-HttpDNS-Product+Introduction.pdf

which, of course, skips the local resolver in favor of a centralized DNS service (non-DoH protocol)...

> When I now look at DoH packets on the wire, even with discounting the
> initial TLS setup they are for the same questions/answers between 40% and
> 100% bigger. Now of course that overall means they have 40 to a 100 bytes
> more which is not much in the overall traffic, but a protocol that has
> to put more bits on the wire has to do more work, which is the point I
> was trying to bring across.
>

And DNS over UDP is indeed faster up until the 80th percentile of latency, at which point the data shows DoT/DoH outperform it.

thanks,
Rob
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
