Re: which Name server is selected?
By decaying I mean they take some percent of time off of the rtt of the name servers that aren't used when there is a successful query to the fastest. Eventually the slower servers will be faster than the fastest and get queried. That query will set the rtt again for that server and will go back to being slower.

On Mar 3, 2014 8:24 AM, houguanghua houguang...@hotmail.com wrote:
> Hi Ben,
>
> What's the meaning of bind decaying? Where can I find the detailed description?
>
> Thanks!
> Guanghua
>
> Date: Fri, 28 Feb 2014 11:39:54 -0500
> From: Ben Croswell ben.crosw...@gmail.com
> To: bind-users@lists.isc.org
> Subject: Re: which Name server is selected?
> Message-ID: cajga8zsug2nrznufuxetbpkvzqkjczzred5u2qxw+uqw0pm...@mail.gmail.com
> Content-Type: text/plain; charset=iso-8859-1
>
> RTT banding was removed in early versions of 9.8 due to the performance hit being larger than any security benefit. So it would depend what version of bind is being used in this case.
>
> https://www.isc.org/blogs/rtt-banding-removal-from-bind-9/
>
> It is important to note that all ns records will take some percent of the traffic even if they are not the fastest. This is due to bind decaying the RTT on the ns records that were not used when it gets a successful query from the fastest ns. That way if there is a failure on a box it can eventually be tried again and make it back into the top position.
>
> On Feb 28, 2014 11:07 AM, Barry Margolin bar...@alum.mit.edu wrote:
> > In article mailman.2368.1393596895.20661.bind-us...@lists.isc.org, houguanghua houguang...@hotmail.com wrote:
> > > If there is a list of NS records, the local name server uses the RTT (round trip time) algorithm to find the fastest, and queries that server. But I found it's not right. In the testing, the local name server doesn't query the fastest authority name server. Someone tells me that if the local name server gets the RTT to one remote server is less than 30ms, it will not test RTT to other remote servers, even if the RTT is even less.
> > > In other words, the local server will only query the first remote server with the RTT less than 30ms. Who would tell me the truth?
> > >
> > > Thanks!
> > > Guanghua
> >
> > I believe the RTT values are grouped into ranges, and it prefers servers that are in a better range. 30 ms might be in the lowest range, so another server can't be better.
> >
> > --
> > Barry Margolin
> > Arlington, MA

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: which Name server is selected?
houguanghua houguang...@hotmail.com wrote:
> What's the meaning of bind decaying? Where can I find the detailed description? Thanks!

There's a summary of the SRTT algorithm in http://securityintelligence.com/subverting-binds-srtt-algorithm-derandomizing-ns-selection/

Tony.
--
f.anthony.n.finch d...@dotat.at http://dotat.at/
Lundy, Fastnet: Northwest 5 to 7, occasionally gale 8 at first, backing south 4 or 5 later, occasionally 6 in southwest Fastnet. Very rough or high, becoming rough in north. Showers then rain. Moderate or good.
which Name server is selected?
If there is a list of NS records, the local name server uses the RTT (round trip time) algorithm to find the fastest, and queries that server. But I found it's not right. In the testing, the local name server doesn't query the fastest authority name server. Someone tells me that if the local name server gets the RTT to one remote server is less than 30ms, it will not test RTT to other remote servers, even if the RTT is even less. In other words, the local server will only query the first remote server with the RTT less than 30ms. Who would tell me the truth?

Thanks!
Guanghua
Re: which Name server is selected?
On 02/28/2014 04:14 PM, houguanghua wrote:
> If there is a list of NS records, the local name server uses the RTT (round trip time) algorithm to find the fastest, and queries that server. But I found it's not right. In the testing, the local name server doesn't query the fastest authority name server. Someone tells me that if the local name server gets the RTT to one remote server is less than 30ms, it will not test RTT to other remote servers, even if the RTT is even less. In other words, the local server will only query the first remote server with the RTT less than 30ms. Who would tell me the truth?
>
> Thanks!
> Guanghua

Why are you assuming that the nameserver uses RTT algorithm to find out the fastest?

--
Georg Kahest
Re: which Name server is selected?
On Fri, Feb 28, 2014 at 2:55 PM, Georg Kahest georg.kah...@internet.ee wrote:
> On 02/28/2014 04:14 PM, houguanghua wrote:
> > If there is a list of NS records, the local name server uses the RTT (round trip time) algorithm to find the fastest, and queries that server. But I found it's not right. In the testing, the local name server doesn't query the fastest authority name server. Someone tells me that if the local name server gets the RTT to one remote server is less than 30ms, it will not test RTT to other remote servers, even if the RTT is even less. In other words, the local server will only query the first remote server with the RTT less than 30ms. Who would tell me the truth?
> >
> > Thanks!
> > Guanghua
>
> Why are you assuming that the nameserver uses RTT algorithm to find out the fastest?

http://lmgtfy.com/?q=nameserver+rtt

W

> --
> Georg Kahest
Re: which Name server is selected?
In article mailman.2368.1393596895.20661.bind-us...@lists.isc.org, houguanghua houguang...@hotmail.com wrote:
> If there is a list of NS records, the local name server uses the RTT (round trip time) algorithm to find the fastest, and queries that server. But I found it's not right. In the testing, the local name server doesn't query the fastest authority name server. Someone tells me that if the local name server gets the RTT to one remote server is less than 30ms, it will not test RTT to other remote servers, even if the RTT is even less. In other words, the local server will only query the first remote server with the RTT less than 30ms. Who would tell me the truth?
>
> Thanks!
> Guanghua

I believe the RTT values are grouped into ranges, and it prefers servers that are in a better range. 30 ms might be in the lowest range, so another server can't be better.

--
Barry Margolin
Arlington, MA
Re: which Name server is selected?
RTT banding was removed in early versions of 9.8 due to the performance hit being larger than any security benefit. So it would depend what version of bind is being used in this case.

https://www.isc.org/blogs/rtt-banding-removal-from-bind-9/

It is important to note that all ns records will take some percent of the traffic even if they are not the fastest. This is due to bind decaying the RTT on the ns records that were not used when it gets a successful query from the fastest ns. That way if there is a failure on a box it can eventually be tried again and make it back into the top position.

On Feb 28, 2014 11:07 AM, Barry Margolin bar...@alum.mit.edu wrote:
> In article mailman.2368.1393596895.20661.bind-us...@lists.isc.org, houguanghua houguang...@hotmail.com wrote:
> > If there is a list of NS records, the local name server uses the RTT (round trip time) algorithm to find the fastest, and queries that server. But I found it's not right. In the testing, the local name server doesn't query the fastest authority name server. Someone tells me that if the local name server gets the RTT to one remote server is less than 30ms, it will not test RTT to other remote servers, even if the RTT is even less. In other words, the local server will only query the first remote server with the RTT less than 30ms. Who would tell me the truth?
> >
> > Thanks!
> > Guanghua
>
> I believe the RTT values are grouped into ranges, and it prefers servers that are in a better range. 30 ms might be in the lowest range, so another server can't be better.
>
> --
> Barry Margolin
> Arlington, MA
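
The decay behaviour Ben Croswell describes in this message and in his 3 March follow-up, as an added simulation that is not part of the thread and is not BIND's code. The 0.98 decay factor, the 0.7/0.3 smoothing weights, the zero starting SRTT and the server names and RTTs are assumptions chosen for illustration.

```python
"""Toy model of SRTT-based NS selection with decay (illustrative only)."""
from collections import Counter

DECAY = 0.98  # assumed: factor applied to the SRTT of servers that were not queried
KEEP = 0.7    # assumed: weight of the old SRTT when a new RTT sample is folded in


def simulate(phases, decay=DECAY, keep=KEEP):
    """phases: list of (query_count, {ns_name: real_rtt_ms}).

    SRTT state carries across phases, so a later phase can model a server
    degrading or recovering. Returns one Counter of queries per phase.
    """
    names = sorted(phases[0][1])
    srtt = dict.fromkeys(names, 0.0)  # assumed start value: every server gets tried once
    per_phase = []
    for query_count, rtt_ms in phases:
        hits = Counter()
        for _ in range(query_count):
            chosen = min(names, key=srtt.__getitem__)  # lowest SRTT wins
            hits[chosen] += 1
            # The queried server's SRTT is pulled toward its measured RTT ...
            srtt[chosen] = keep * srtt[chosen] + (1 - keep) * rtt_ms[chosen]
            # ... and every server that was not used gets a little "faster".
            for ns in names:
                if ns != chosen:
                    srtt[ns] *= decay
        per_phase.append(hits)
    return per_phase


# Constructed scenario: ns1 is fastest, degrades badly, then recovers.
HEALTHY = {"ns1": 10, "ns2": 50, "ns3": 200}
DEGRADED = {"ns1": 800, "ns2": 50, "ns3": 200}
PHASES = [(5000, HEALTHY), (5000, DEGRADED), (5000, HEALTHY)]

if __name__ == "__main__":
    labels = ("healthy", "ns1 degraded", "ns1 recovered")
    for label, hits in zip(labels, simulate(PHASES)):
        total = sum(hits.values())
        shares = ", ".join(f"{ns} {100 * hits[ns] / total:.1f}%" for ns in sorted(hits))
        print(f"{label:14s} {shares}")
```

In this model the slower servers keep receiving a small share of queries in every phase, and ns1 returns to the top position after it recovers because its decayed SRTT eventually gets it probed again.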