Persistent tcp-upstream

Tony Finch dot at dotat.at
Fri Jan 6 11:58:54 UTC 2017


Gabriel Corona via Unbound-users <unbound-users at unbound.net> wrote:
>
> This is quite suboptimal, especially when the connection is encapsulated
> over TLS, and leads to many TIME_WAIT connections. In order to overcome
> this problem, I wrote a prototypical daemon which aggregates DNS
> requests over a single persistent TCP connection:
>
> http://www.gabriel.urdhr.fr/2015/12/09/dns-aggregator-tls/
>
> https://github.com/randomstuff/dnsfwd

This is cool :-)

A couple of questions:

I can't see where you are handling truncated responses. Since your
upstream queries are over TCP, the responses can be too big to return
to a UDP client - you need to strip them down and set the TC bit.

I think, if I understand service::add_request() and client::add_request()
correctly, you only have one outstanding query on the upstream connection
at a time. You can reduce latency by pipelining queries over TCP. Make
sure to allow for out-of-order responses!

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Portland, Plymouth: Southwest, veering west later, 4 or 5. Slight or moderate.
Fair, then occasional rain. Moderate or good, occasionally poor.
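
Added example, not part of the message above and not code from dnsfwd: one way to do the truncation the reply asks for, cutting an oversized upstream response back to header plus question and setting TC before it goes to a UDP client. The names question_end, fit_for_udp and sample_response and the limit parameter are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

using Bytes = std::vector<std::uint8_t>;

// Offset just past the question section, or 0 if the message is malformed.
std::size_t question_end(const Bytes& msg) {
    if (msg.size() < 12) return 0;                        // shorter than a DNS header
    std::size_t qdcount = (std::size_t(msg[4]) << 8) | msg[5];
    std::size_t pos = 12;
    for (std::size_t q = 0; q < qdcount; ++q) {
        for (;;) {                                        // walk the labels of QNAME
            if (pos >= msg.size()) return 0;
            std::uint8_t len = msg[pos];
            if ((len & 0xC0) == 0xC0) { pos += 2; break; } // compression pointer ends the name
            if (len & 0xC0) return 0;                     // reserved label type
            pos += 1 + std::size_t(len);
            if (len == 0) break;                          // root label ends the name
        }
        pos += 4;                                         // QTYPE + QCLASS
        if (pos > msg.size()) return 0;
    }
    return pos;
}

// `limit` is an assumed parameter: 512 for plain DNS, or the client's EDNS buffer size.
// Simplification: the additional section is dropped too, including any OPT record.
// Returns an empty vector when the response cannot be shrunk safely.
Bytes fit_for_udp(const Bytes& resp, std::size_t limit) {
    if (resp.size() < 12) return Bytes();
    if (resp.size() <= limit) return resp;                // already fits, send unchanged
    std::size_t end = question_end(resp);
    if (end == 0 || end > limit) return Bytes();
    Bytes out(resp.begin(), resp.begin() + static_cast<std::ptrdiff_t>(end));
    out[2] |= 0x02;                                       // TC: client should retry over TCP
    for (std::size_t i = 6; i < 12; ++i) out[i] = 0;      // ANCOUNT = NSCOUNT = ARCOUNT = 0
    return out;
}

// Constructed sample: reply to "example.com A" followed by `extra` bytes of filler.
Bytes sample_response(std::size_t extra) {
    Bytes m = {0x12, 0x34, 0x81, 0x80, 0, 1, 0, 2, 0, 0, 0, 0,
               7, 'e','x','a','m','p','l','e', 3, 'c','o','m', 0, 0, 1, 0, 1};
    m.insert(m.end(), extra, 0xAA);
    return m;
}
```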


