Bert, At 2016-02-08 22:55:44 +0100 bert hubert <bert.hub...@netherlabs.nl> wrote:
> On Mon, Feb 08, 2016 at 10:37:09AM -0500, Jared Mauch wrote: > > Or just having the TCP implementation in BIND get improved as it’s clear > > there > > are some more people pushing in this direction. I’m looking at just putting > > something like DNSDIST on my hosts to process TCP and balance it across > > multiple daemons to do the query scale. > > With a liiiitle work btw dnsdist could proxy TCP/IP questions over UDP with > gigantic packet sizes. This would get you TCP/IP to the unwashed BCP38-free > masses but UDP in your home network. > > Might that be a good idea? I guess so, but why not just nail up some persistent TCP connections internally? You should be able to keep a small pool for each backend server, so you can handle significant concurrency (you shouldn't need that many connections to an authoritative server, maybe something related to the number of cores is reasonable, like 2x or 3x cores number of connections). Since the sessions are up, you won't pay any additional cost during each query. In fact, you may even have fewer packets to a busy server, since multiple messages can be collected into a single IP packet. One of our developers (hi vorner!) found that proxying UDP into TCP was actually faster than raw UDP (there are lots of details that may have impacted this, but we can discuss it if you are curious). Cheers, -- Shane _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop