Re: [Doh] DNS over HTTP/3?

Daniel Stenberg <daniel@haxx.se> Mon, 19 November 2018 15:02 UTC

Return-Path: <daniel@haxx.se>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A203130DC9 for <doh@ietfa.amsl.com>; Mon, 19 Nov 2018 07:02:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GjMX_nnWEP4w for <doh@ietfa.amsl.com>; Mon, 19 Nov 2018 07:02:24 -0800 (PST)
Received: from giant.haxx.se (www.haxx.se [IPv6:2a00:1a28:1200:9::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D50E71286E7 for <doh@ietf.org>; Mon, 19 Nov 2018 07:02:23 -0800 (PST)
Received: from giant.haxx.se (mail [127.0.0.1]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTPS id wAJF2Kh1002811 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 19 Nov 2018 16:02:20 +0100
Received: from localhost (dast@localhost) by giant.haxx.se (8.15.2/8.15.2/Submit) with ESMTP id wAJF2Jlu002804; Mon, 19 Nov 2018 16:02:19 +0100
X-Authentication-Warning: giant.haxx.se: dast owned process doing -bs
Date: Mon, 19 Nov 2018 16:02:19 +0100 (CET)
From: Daniel Stenberg <daniel@haxx.se>
X-X-Sender: dast@giant.haxx.se
To: bert hubert <bert.hubert@powerdns.com>
cc: doh@ietf.org
In-Reply-To: <20181119100954.GA6704@server.ds9a.nl>
Message-ID: <alpine.DEB.2.20.1811191529420.26838@tvnag.unkk.fr>
References: <20181119100954.GA6704@server.ds9a.nl>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
X-fromdanielhimself: yes
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/5ZVlcQ7_XhYawSf7Ma8Xu3q4sZo>
Subject: Re: [Doh] DNS over HTTP/3?
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Nov 2018 15:02:26 -0000

On Mon, 19 Nov 2018, bert hubert wrote:

> I've also personally observed that a "slightly suboptimal" network 
> absolutely kills browsing performance in Firefox Nightly using DoH.  A naive 
> calculation shows that 0.5% packet loss turns into a 5% failure rate per DoH 
> query, which then can cause Head of Line blocking for further queries, which 
> cascades into "blank pages" getting rendered.

Isn't this mostly because it uses (multiplexing over) TCP and TLS? Meaning 
that DoT will basically see roughly the same degredation?

(And regarding "blank pages", that's also a matter of what the 
browser/user-agnes does or doesn't do when it gets DoH timeouts...)

-- 

  / daniel.haxx.se