IETF Logo Mail Archive

Re: How do we get the whole world to upgrade to DNSSEC capable resolvers?

bert hubert <bert.hubert@netherlabs.nl> Thu, 24 July 2008 06:53 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8197F3A6972; Wed, 23 Jul 2008 23:53:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.821
X-Spam-Level:
X-Spam-Status: No, score=-0.821 tagged_above=-999 required=5 tests=[AWL=-0.317, BAYES_00=-2.599, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M37KlAQK--lK; Wed, 23 Jul 2008 23:53:16 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 2E7253A68D0; Wed, 23 Jul 2008 23:53:16 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KLucr-0008ZG-1L for namedroppers-data@psg.com; Thu, 24 Jul 2008 06:48:33 +0000
Received: from [2001:888:10:36::2] (helo=adsl-xs4all.ds9a.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from <ahu@outpost.ds9a.nl>) id 1KLucm-0008YQ-Qx for namedroppers@ops.ietf.org; Thu, 24 Jul 2008 06:48:31 +0000
Received: from outpost.ds9a.nl ([85.17.220.215] ident=postfix) by adsl-xs4all.ds9a.nl with esmtp (Exim 4.63) (envelope-from <ahu@outpost.ds9a.nl>) id 1KLuck-0002GK-By for namedroppers@ops.ietf.org; Thu, 24 Jul 2008 08:48:26 +0200
Received: by outpost.ds9a.nl (Postfix, from userid 1000) id E890D4B565; Thu, 24 Jul 2008 08:48:40 +0200 (CEST)
Date: Thu, 24 Jul 2008 08:48:40 +0200
From: bert hubert <bert.hubert@netherlabs.nl>
To: Mark Andrews <Mark_Andrews@isc.org>
Cc: David Conrad <drc@virtualized.org>, Ben Laurie <ben@links.org>, DNSEXT WG <namedroppers@ops.ietf.org>
Subject: Re: How do we get the whole world to upgrade to DNSSEC capable resolvers?
Message-ID: <20080724064839.GD7420@outpost.ds9a.nl>
References: <20080723224908.GA1935@outpost.ds9a.nl> <200807240205.m6O25YhD080674@drugs.dv.isc.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <200807240205.m6O25YhD080674@drugs.dv.isc.org>
User-Agent: Mutt/1.5.9i
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

On Thu, Jul 24, 2008 at 12:05:34PM +1000, Mark Andrews wrote:
> > It takes some work, but high performance is never easy. It is a well solved
> > problem however (by now).
> 
> 	Over how many concurrent ports without introducing queuing
> 	delays?

This is rapidly moving outside of the scope of what most namedroppers
readers will find interesting, but PowerDNS uses 1 fresh socket per outgoing
query, by default up to 1024 simultaneous outstanding questions.

My dnsreplay experiments at such high speeds do not show an appreciable
queuing delay compared to lower query rates.

	Bert

-- 
http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

v2.23.0 | Report a Bug | By Email