Re: [Resolverless-dns] Load-balancing concerns

Dave Lawrence <> Thu, 08 November 2018 09:44 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 23ACB12D4E7 for <>; Thu, 8 Nov 2018 01:44:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Y-3ptaoMZeAM for <>; Thu, 8 Nov 2018 01:44:52 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0F9E01293FB for <>; Thu, 8 Nov 2018 01:44:52 -0800 (PST)
Received: by (Postfix, from userid 102) id 470AD32AC2; Thu, 8 Nov 2018 04:44:51 -0500 (EST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <>
Date: Thu, 08 Nov 2018 04:44:51 -0500
From: Dave Lawrence <>
In-Reply-To: <>
References: <> <> <>
Archived-At: <>
Subject: Re: [Resolverless-dns] Load-balancing concerns
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Resolverless DNS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 08 Nov 2018 09:44:53 -0000

Justin Henck writes:
> How is a "resolverless" (unrequested resolution?) solution here any
> different from sharing a recursive, if we use ECS or if the primary
> service is widely deployed?

The landscape is complicated.  In many cases it will offer the same
results.  In some cases it will be demonstrably more bad.  In some
cases it might even be a bit better.    There are a lot of variables
to suss out here.

> E.g. it seems to me that there are three scenarios:
> 1) really large globally distributed services implementing will act like
> geographicaply distributed resolvers, which some of them also are

Right this one probably ends up looking largely like a regular
recursive resolver now, so is basically fine.

> 2) small single-datacenter services won't produce enough traffic to matter

I think maybe we shouldn't be cavalier with "to matter", because
it could very well matter quite a lot to the clients here.

> 3) large single-datacenter services might cause a problem


> Are there other negative scenarios? I suppose 1 but not very well
> distributed?