Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

Phillip Hallam-Baker <ietf@hallambaker.com> Wed, 27 May 2015 18:06 UTC

In-Reply-To: <5564c934a3787fa492ff57006e2a5cb6.jorgen@netclient.no>
References: <5564c934a3787fa492ff57006e2a5cb6.jorgen@netclient.no>
Date: Wed, 27 May 2015 14:06:01 -0400
Message-ID: <CAMm+Lwg8OzakVNE44F_oZ52eq4cfPyguWPOx0uLhXba4okM7zQ@mail.gmail.com>
From: Phillip Hallam-Baker <ietf@hallambaker.com>
To: Jørgen Hovland <jorgen@netclient.no>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/eR2SUYHTV-lSzf1vXbjUnifKWRY>
Cc: dns-privacy <dns-privacy@ietf.org>, Guangqing Deng <dengguangqing@cnnic.cn>, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

Any chance you could add in a straight UDP round trip measurement so we
have a benchmark to compare like with like?

On Tue, May 26, 2015 at 3:27 PM, Jørgen Hovland <jorgen@netclient.no> wrote:

> At 03:04 26/05/2015 (UTC), Paul Hoffman wrote:
> > Is the latency for an established TLS connection any worse than for a DTLS connection? It would be good to see numbers if this is the case.
>
> I did a test. The difference seems to be so small that it doesn't matter.
>
> However, DTLS handshake seems to be a bit slower than TLS handshake (not including
> TCP connect or DTLS cookie code).
> Additionally, if I use the openssl CLI as DTLS server instead of my code,
> the DTLS handshake increases to around 34ms.
> TCP connect takes around 9.1ms between my test-servers.
>
> If you assume that the openssl CLI correctly implements a normal DTLS
> handshake while my code doesn't (due to no cookie code), TLS is faster than
> DTLS by around 2ms (8.4%) when a full connect/handshake with one write+read
> is done.
>
>
> Server/client 500km apart from each other with simple echo server/round
> trip test:
>
> TCP data read: 18, time spent write+read: 9.16038ms. Time spent TLS handshake 23.3289ms.
> TCP data read: 18, time spent write+read: 9.07797ms. Time spent TLS handshake 21.4217ms.
> TCP data read: 18, time spent write+read: 9.10591ms. Time spent TLS handshake 21.1549ms.
> TCP data read: 18, time spent write+read: 9.05283ms. Time spent TLS handshake 21.1289ms.
> TCP data read: 18, time spent write+read: 9.02824ms. Time spent TLS handshake 21.2273ms.
> TCP data read: 18, time spent write+read: 9.06903ms. Time spent TLS handshake 21.1971ms.
> TCP data read: 18, time spent write+read: 9.07378ms. Time spent TLS handshake 21.3058ms.
>
> UDP data read: 18, time spent write+read: 9.02713ms. Time spent DTLS handshake: 23.1482 ms.
> UDP data read: 18, time spent write+read: 9.06344ms. Time spent DTLS handshake: 22.3601 ms.
> UDP data read: 18, time spent write+read: 8.97628ms. Time spent DTLS handshake: 23.1001 ms.
> UDP data read: 18, time spent write+read: 9.14725ms. Time spent DTLS handshake: 22.7562 ms.
> UDP data read: 18, time spent write+read: 9.0721ms. Time spent DTLS handshake: 22.0508 ms.
> UDP data read: 18, time spent write+read: 9.34728ms. Time spent DTLS handshake: 21.7002 ms.
>
> (disclaimer: I assume my numbers are correct)
>
>
> At 03:04 26/05/2015 (UTC), Paul Hoffman wrote:
>
> On May 25, 2015, at 6:54 PM, Guangqing Deng <dengguangqing@cnnic.cn>
> wrote:
> > Resolution latency is very crucial for DNS system and the latency of
> > DNS-over-DTLS is relatively low compared with DNS-over-TLS.
>
> Is the latency for an established TLS connection any worse than for a DTLS
> connection? It would be good to see numbers if this is the case.
>
> --Paul Hoffman
> _______________________________________________
> dns-privacy mailing list
> dns-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/dns-privacy
>
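An added example, not code from the thread (Jørgen's test program is not on the page): it parses the echo-test lines quoted above into per-protocol averages, so the TLS and DTLS handshake numbers can be compared without hand arithmetic, and it adds the "straight UDP round trip" baseline Phillip asks for, measured against a local UDP echo server on 127.0.0.1 that stands in for the remote test server. The parser accepts both spellings of the handshake field that appear in the post; the local loopback numbers are only meant to show the measurement shape, not to reproduce the 500 km figures.

```python
import re
import socket
import statistics
import threading
import time

# Constructed copy of the echo-test lines quoted in the thread.
POSTED_RESULTS = """
TCP data read: 18, time spent write+read: 9.16038ms. Time spent TLS handshake 23.3289ms.
TCP data read: 18, time spent write+read: 9.07797ms. Time spent TLS handshake 21.4217ms.
TCP data read: 18, time spent write+read: 9.10591ms. Time spent TLS handshake 21.1549ms.
TCP data read: 18, time spent write+read: 9.05283ms. Time spent TLS handshake 21.1289ms.
TCP data read: 18, time spent write+read: 9.02824ms. Time spent TLS handshake 21.2273ms.
TCP data read: 18, time spent write+read: 9.06903ms. Time spent TLS handshake 21.1971ms.
TCP data read: 18, time spent write+read: 9.07378ms. Time spent TLS handshake 21.3058ms.
UDP data read: 18, time spent write+read: 9.02713ms. Time spent DTLS handshake: 23.1482 ms.
UDP data read: 18, time spent write+read: 9.06344ms. Time spent DTLS handshake: 22.3601 ms.
UDP data read: 18, time spent write+read: 8.97628ms. Time spent DTLS handshake: 23.1001 ms.
UDP data read: 18, time spent write+read: 9.14725ms. Time spent DTLS handshake: 22.7562 ms.
UDP data read: 18, time spent write+read: 9.0721ms. Time spent DTLS handshake: 22.0508 ms.
UDP data read: 18, time spent write+read: 9.34728ms. Time spent DTLS handshake: 21.7002 ms.
"""

# Matches both spellings in the post: "handshake 23.3289ms." and "handshake: 23.1482 ms."
LINE_RE = re.compile(
    r"^(?P<transport>TCP|UDP) data read: (?P<nbytes>\d+), "
    r"time spent write\+read: (?P<rtt>[\d.]+)ms\. "
    r"Time spent (?P<proto>D?TLS) handshake:? (?P<hs>[\d.]+) ?ms\.$"
)


def parse_results(text):
    """Turn the posted echo-test lines into records; unrecognised lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rows.append({"proto": m["proto"], "rtt_ms": float(m["rtt"]),
                         "handshake_ms": float(m["hs"])})
    return rows


def summarize(rows):
    """Per-protocol sample count and mean write+read / handshake time in ms."""
    out = {}
    for proto in ("TLS", "DTLS"):
        sel = [r for r in rows if r["proto"] == proto]
        if sel:
            out[proto] = {
                "count": len(sel),
                "mean_rtt_ms": statistics.mean(r["rtt_ms"] for r in sel),
                "mean_handshake_ms": statistics.mean(r["handshake_ms"] for r in sel),
            }
    return out


def _udp_echo(sock, stop):
    # Plain UDP echo server (no DTLS); poll with a short timeout so it can be stopped.
    sock.settimeout(0.2)
    while not stop.is_set():
        try:
            data, addr = sock.recvfrom(2048)
        except socket.timeout:
            continue
        sock.sendto(data, addr)


def measure_udp_rtt(n=20, payload=b"x" * 18):
    """Straight UDP write+read round trip on loopback (assumed stand-in for the
    remote test server); returns sample count, median and mean in ms."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    stop = threading.Event()
    worker = threading.Thread(target=_udp_echo, args=(srv, stop), daemon=True)
    worker.start()
    cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    cli.settimeout(2.0)
    samples = []
    try:
        for _ in range(n):
            t0 = time.perf_counter()
            cli.sendto(payload, srv.getsockname())
            cli.recvfrom(2048)
            samples.append((time.perf_counter() - t0) * 1000.0)
    finally:
        stop.set()
        worker.join()
        cli.close()
        srv.close()
    return {"count": len(samples), "median_ms": statistics.median(samples),
            "mean_ms": statistics.mean(samples)}


if __name__ == "__main__":
    print(summarize(parse_results(POSTED_RESULTS)))
    print("bare UDP", measure_udp_rtt())
```

Running it on the quoted data gives a mean TLS handshake of about 21.54 ms over 7 samples and a mean DTLS handshake of about 22.52 ms over 6, with the write+read times within a few hundredths of a millisecond of each other; the bare UDP figure is what the encrypted numbers should be set beside, and on a real 500 km path it would be measured against the same remote host as the TLS and DTLS tests.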