[nsd-users] NSD TCP performance

nsd at dclg.ca nsd at dclg.ca
Thu Nov 8 21:51:29 UTC 2007


I've been contacted to evaluate NSD performance and I've identified a
little stangeness in the TCP chatter with NSD.  NSD always sends the
two byte response size as a separate TCP packet (causing the requestor
to send a separate ACK) to the main body of the request.

You might Expect a TCP DNS request (omitting the possible UDP request
that fails) to go something like:

SYN -->
		<-- SYN,ACK
ACK -->
DNS QRY -->
		<-- ACK
		<-- DNS RSP
ACK -->
		<-- FIN, ACK
FIN, ACK -->

... plus or minus the optimization of the ACK's with data (which seems
to require that you send(2) before your host receives the first ACK).

But NSD always does the following:

SYN -->
		<-- SYN,ACK
ACK -->
DNS QRY -->
		<-- ACK
		<-- DNS length (2 bytes)
ACK -->
		<-- DNS RSP
ACK -->
		<-- FIN, ACK
FIN, ACK -->

Here's a very brief binary dump of the above conversation:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: tcpdnsqry.dump
Type: application/octet-stream
Size: 1064 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20071108/becb4b84/attachment.obj>
-------------- next part --------------

Dave.

-- 
============================================================================
|David Gilbert, Independent Contractor.       | Two things can be          |
|Mail:       dave at daveg.ca                    |  equal if and only if they |
|http://daveg.ca                              |   are precisely opposite.  |
=========================================================GLO================


More information about the nsd-users mailing list