Re: latency and response time
Hi Sami. Let me ask you a question. How would you define the terms "latency" and "response time"? Greg On Tue, 27 Jun 2023 at 17:23, wrote: > Hello In DNS benchmarking which is more important latency or response > time? for a DNS server what is the difference between the two values? > > > > Regards, Sami > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Controlling which interface named uses
On 6/12/23 2:48 AM, Matus UHLAR - fantomas wrote: note that query-source settings affects source IP of packet, while "ip rule" affects outgoing interface (unless you also configure SNAT for those packets), so they are not exactly the same. Late comment: `ip route` can have some influence on what the source IP is for traffic via it's `from` stanza. This is commonly needed when you have things like VPNs between sites and you want the VPN gateway to originate traffic to the remote LAN from the local LAN interface, not the internet connection, thereby causing the traffic to match LAN to LAN configuration in the VPN. (LAN A)---[.1 R1 .83]---(Internet)---[.77 R2 .1]---(LAN B) Something like / from memory: r1# ip route add $LANB via $GW from $LANA.1 Grant. . . . -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: latency and response time
Personally, I would consider response time to be the duration between the arrival of a request at the DNS server and when the server spits the response for the request out its local network interface, and latency to be the additional time the request and response spend traversing the network between the client and server. So what the client sees is the sum of response_time + (2 * latency) {making the somewhat arbitrary assumption that the latency is the same in both directions, which isn't really valid just because of the different sizes of the request and response, potentially exacerbated by network links on the path with asymmetrical baud rates}. Just my $.02 (or whatever your local currency is). Andrew Pavlin ka2ddo.org From: bind-users on behalf of Matus UHLAR - fantomas Sent: Tuesday, June 27, 2023 12:54:09 PM On 27.06.23 16:22, sami.ra...@sofrecom.com wrote: >Hello In DNS benchmarking which is more important latency or response > time? for a DNS server what is the difference between the two values? I don't see any difference between those two. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95 -- -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: latency and response time
On 27.06.23 16:22, sami.ra...@sofrecom.com wrote: Hello In DNS benchmarking which is more important latency or response time? for a DNS server what is the difference between the two values? I don't see any difference between those two. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95 -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
latency and response time
Hello In DNS benchmarking which is more important latency or response time? for a DNS server what is the difference between the two values? Regards, Sami -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Best way to handle multiple retries from BIND?
On 26. 06. 23 3:05, Fred Morris wrote: I have an authoritative server which performs a resource intensive operation to determine an answer; sometimes it takes long enough that BIND asks again (and again!). Firing off multiple attempts to determine the answer just digs the hole deeper. As others said, deduplicate on the auth side. At least it will not dig the hole deeper. What's the best approach, assuming the same client asks repeatedly: * Discard later queries, answer the first one? * Discard earlier queries, answer the last one? * Send same the response (when we get it) in response to all queries (I don't like this one)? And does anyone know can the recommended mitigation be presumed to be the best option regardless of the recursive server (BIND, Unbound, etc.)? Well, if you insist ... you can respond with TC=1 when your internal timeout fires off (which obviously must be shorter than client's timeout), but this is going to be pretty tough race. Knot Resolver used to retransmit after 200 ms or so. Or do TC=1 all the time and answer only over TCP. That usually has more leeway in terms of timeouts, but I doubt you can reliably prolong it over 1 sec. At that mark it starts to smell like slow lorris attack and the client might close the connection. -- Petr Špaček -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users