On Sun, 15.11.20 15:36, Samuel Sieb (samuel@xxxxxxxx) wrote:

> On 11/15/20 7:31 AM, Lennart Poettering wrote:
> > Implementing this does not come without drawbacks though: right now
> > resolved tries hard to use the same server if at all possible, since
> > we want to use newer DNS features if possible, but many DNS servers
> > (wifi routers, yuck) tend to support them quite badly. This means
> > resolved has an elaborate scheme to learn about the feature set of the
> > DNS servers it contacts. And that can be slow, in particular on
> > servers where we step-by-step have to downgrade to the most minimal of
> > DNS protocols. This learning phase is run only when first contacting
> > some server (and after some grace period). If we'd switch servers all
> > the time, for every single lookup, then we'd start from zero every
> > time, not knowing what the server supports, and thus having to learn
> > about it over and over again. This would hence make all,
> > *every*single* transaction pretty slow. And that sucks.
>
> Wouldn't you just need to do it once for each server and cache that info?
> And why do you need to re-do the learning phase for a server you've already
> checked?

We do remember that. But if you stick to talking to one server for 500
transactions, you will have one slow lookup, the initial one that needs
to probe the feature set, plus 499 speedy ones. If you however spread
your 500 lookups over 250 servers, you will get 250 slow lookups plus 250
speedy ones — all in the worst case. Simply because we then need to
probe 250 servers for the first time...

(See other mail)

> > DoT becomes efficient when we can reuse the established TCP/TLS connection
> > for multiple lookups. But if we'd switch servers all the time, then of
> > course there's no reuse of TCP/TLS connections possible.
>
> Same thing here. Would it be a problem to keep a connection open for each
> server?

We keep one connection open for each server, if it lets us.
Typically they don't let us keep it open for long though. If you
actually have a ton of servers and distribute lookups over all of them,
it decreases the chance of connection reuse, and thus increases the
chance that connections will go idle from the perspective of the server
operator, and thus will be disconnected. Given the short idle timeouts
of popular servers such as 8.8.8.8 this actually matters a lot.

Lennart

--
Lennart Poettering, Berlin
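
A toy model of the trade-off described in this mail, added here as an illustration and not systemd-resolved code: it counts first-contact feature probes and new DoT connections when lookups stick to one server versus being spread round-robin over many. The names `Stats` and `simulate`, the one-second query spacing and the 10-second server idle timeout are assumptions made for the example; the re-probing grace period is ignored.

```python
from dataclasses import dataclass


@dataclass
class Stats:
    probes: int = 0      # slow lookups: first contact, feature set unknown
    handshakes: int = 0  # new TCP/TLS connections opened for DoT
    reused: int = 0      # lookups sent over a connection that was still open


def simulate(lookups, servers, gap, idle_timeout):
    """Send `lookups` queries, one every `gap` seconds, round-robin over
    `servers` servers. servers=1 models sticking to a single server.
    A server drops a connection once it has been idle longer than
    `idle_timeout` seconds (constructed value, not a measured one)."""
    stats = Stats()
    probed = set()   # servers whose feature set has been learned (cached)
    last_used = {}   # server index -> time of the last query sent to it
    for i in range(lookups):
        now = i * gap
        srv = i % servers
        if srv not in probed:
            # Feature level unknown: this lookup pays the probing cost once.
            probed.add(srv)
            stats.probes += 1
        prev = last_used.get(srv)
        if prev is not None and now - prev <= idle_timeout:
            stats.reused += 1
        else:
            # Never connected, or the server closed the idle connection.
            stats.handshakes += 1
        last_used[srv] = now
    return stats


if __name__ == "__main__":
    for n in (1, 5, 20, 250):
        print(n, simulate(lookups=500, servers=n, gap=1, idle_timeout=10))
```

With these assumed numbers, caching the probe result per server still leaves 250 slow lookups for 250 servers, and connection reuse collapses as soon as the per-server query spacing exceeds the idle timeout.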