As I said at the mic today, as the quality of residential and mobile connectivity continues to degrade, we should be encouraging stub resolvers to prefer IPv6 when talking to recursives.

For plain UDP this does not matter so much, but it matters a lot more for DoT and DoH, which use persistent connections. In particular, it's especially important for DNS-over-HTTP/3, which is currently the only encrypted DNS technology that can reasonably match the performance of unencrypted DNS over UDP.

A few data points to quantify this:

- Many large mobile operators use very low UDP NAT timeouts. A particularly bad example is Verizon Wireless, which uses sub-minute timeouts for UDP. This breaks connectivity unless hosts send keepalives.
- With IPv4 NAT, failure to send keepalives on a session results in the session being blackholed. This is difficult for the host to notice, and usually causes timeouts and user-visible errors until the session is re-established. With IPv6, even if the session times out, future requests will transparently reopen it, because there is no NAT so the server won't see the client port change.
- On mobile phones, sending keepalives on mobile networks is very battery-intensive. IIRC when I last looked at this data, sending keepalives on mobile data every 30 seconds would consume 5%-10% of a typical phone battery over the course of a day.
- Even on wireline, IPv4 address sharing pressure causes operators to set low timeouts. For example, my home connection (MAP-E on NTT in Japan) uses 180-second timeouts for both UDP and TCP.

Cheers,
Lorenzo
