Re: [dns-privacy] [DNSOP] Do53 vs DoT vs DoH Page Load Performance Study at ANRW

Puneet Sood <puneets@google.com> Sun, 21 July 2019 20:26 UTC

Return-Path: <puneets@google.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64D691200B6 for <dns-privacy@ietfa.amsl.com>; Sun, 21 Jul 2019 13:26:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.501
X-Spam-Level:
X-Spam-Status: No, score=-17.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 11cMNR1hECCM for <dns-privacy@ietfa.amsl.com>; Sun, 21 Jul 2019 13:26:46 -0700 (PDT)
Received: from mail-yb1-xb41.google.com (mail-yb1-xb41.google.com [IPv6:2607:f8b0:4864:20::b41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FB071200B9 for <dns-privacy@ietf.org>; Sun, 21 Jul 2019 13:26:38 -0700 (PDT)
Received: by mail-yb1-xb41.google.com with SMTP id q5so2165585ybp.1 for <dns-privacy@ietf.org>; Sun, 21 Jul 2019 13:26:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=Ap9z8tN29nhp8ZXJLRDW4HcOWg5FnscBjlQam/S43Rc=; b=SZNmI14bKycz6JVh7biOzvVkN4hf7jZfdKLhThc9ry+zS9gG+baHqgrhAMAhVi+GAI fXz5rWnouX1x07YfwCxfRkV38a604tHOvljWWA2bD/vbSdsg10MGfSthCyQLObgAUQ/V Z6oWClYgSbS0JwfiEh+u8Sx/GawvfJPS42a8sz6XWvSF2L0k9V+EJlbVRe8gKfDedJKJ mgBhrLXiQ9PwodBN5hfwmyyg4nyYqqZlrJaSmtC+G/zu0lYKpTEg3tpSCOWZ/7MNUBpk qi9RbBRYPjEK6H7YVhPc/DbrC78KXQs24J6O46VyNGv/E8t/egIHuQGFGYQLmsE7k4dd wMnw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=Ap9z8tN29nhp8ZXJLRDW4HcOWg5FnscBjlQam/S43Rc=; b=pngwrN+D1YDd7XEEP5egCe1U/Laa7Z8X97bg7uAk2ZtLNbS8PT+17sDkZ9cYLwmfA8 UUurxpebCLG1oMATceqERDbF8CCrNs6ZqlpUKSDiJa4FFt/7fd8HWtyR0Sria2eEUOur voHGBznw887zqT9EPZ6XnNPMJIekf3czxEtWiL3D/2N8nSez9FwLdyuYlh0522Wz81mT PfV51r3zAqFTLTO1P0Uxlyd51FnJqe48kautqe1Kk7ciA5DVRfEG92JL/QmAqXRp5x6N f3nSNBsB+S+7uZxJDd+Ys7Nx4l9IfatVxpDKVquv0wXi7Bc+WhEsBbNtqCjGVQ1HNc2x q68w==
X-Gm-Message-State: APjAAAWMiYd1OkKZDZUStXWFxZFt2ABku17qrFTsvaYoEfad8wT816w4 WcP9CxGW0VTxSAmMw7zV2WJ38rqCqA5WrpMiRaWExg==
X-Google-Smtp-Source: APXvYqwGAWqfYbLvM8YO51NxMsLw1SaT9POywsXyd2j2xXVWd1R4S+ofZZ16imlhGyt9wanHUv8d0Sx7HDOj1etM8A4=
X-Received: by 2002:a25:4585:: with SMTP id s127mr36737162yba.139.1563740797325; Sun, 21 Jul 2019 13:26:37 -0700 (PDT)
MIME-Version: 1.0
References: <402781F4-33D8-4FD4-8087-FDCEFFF2D549@iseclab.org> <CAChr6SwBKOymQjKsN+GEnygn5ogJb6WUMd=jxRrV2eQWwdiBcg@mail.gmail.com> <267CBE74-9DC5-40D8-A61F-7C566644A1CB@iseclab.org>
In-Reply-To: <267CBE74-9DC5-40D8-A61F-7C566644A1CB@iseclab.org>
From: Puneet Sood <puneets@google.com>
Date: Sun, 21 Jul 2019 16:26:24 -0400
Message-ID: <CA+9_gVsKKOtiu6EXK+mrF_kkva-cORLuU2p3zijbPUvSVF5K5g@mail.gmail.com>
To: Kevin Borgolte <kevin@iseclab.org>
Cc: Rob Sayre <sayrer@gmail.com>, DoH WG <doh@ietf.org>, pschmitt@cs.princeton.edu, dnsop WG <dnsop@ietf.org>, jordanah@princeton.edu, feamster@uchicago.edu, add@ietf.org, dns-privacy@ietf.org, ahounsel@cs.princeton.edu
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/pNN9IP3qQgBTzVLsPcSa4PmOE9M>
X-Mailman-Approved-At: Mon, 22 Jul 2019 04:51:08 -0700
Subject: Re: [dns-privacy] [DNSOP] Do53 vs DoT vs DoH Page Load Performance Study at ANRW
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Jul 2019 20:26:50 -0000

Thanks for sharing the results of your work. It will be great to have
the software available so others can run the experiments from other
locations.

When looking at the page load results the CDF graphs comparing the
various services are very useful to see the relative performance of
different services. However I could not find the range of time values
for the page loads in the experiment. Basically what percentage of the
page load time variation was related to DNS?

Note: For Google DoH, we will be reviewing our implementation for
latency. BTW we have launched our production RFC 8484 DoH service
recently at https://dns.google/dns-query
(https://security.googleblog.com/2019/06/google-public-dns-over-https-doh.html).
It will be great if you can update your software to use this endpoint.

* The experiment was run from Princeton, New Jersey in Northeast US.
The location is in a very well connected part of the world between
network peering points in NYC and Washington DC. You will not see much
difference (due to network latency) between the cloud providers and
the default (local) Do53. Running the experiment from locations which
are further away from cloud providers would provide another
interesting set of data.

* Conclusion on benefit (or lack) of ECS.
Did the page load measurements include content that would benefit from
proximity to the end user, e.g. streaming videos or large downloads?
This kind of content benefits from ECS when the resolver is further
away from the client.

Thanks,
Puneet

On Fri, Jul 19, 2019 at 1:42 AM Kevin Borgolte <kevin@iseclab.org> wrote:
>
>
> > This paper looks interesting. Is the software used in the paper published?
>
> Thanks! The code isn’t open source yet, but we will make it public alongside the Docker setup we used for running it. Not sure when that is going to happen exactly though.
>
> > Or, at least, is the test page set published? I haven't read the whole thing yet, but it seems like the page set would be relevant if the paper tests page load time.
>
> The list of websites is attached. It is extracted from the top 1,000 and 99,000 to 100,000 of a Tranco list.
>
> Best,
> Kevin
>
> _______________________________________________
> dns-privacy mailing list
> dns-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/dns-privacy