[nsd-users] NSD TCP performance
nsd at dclg.ca
nsd at dclg.ca
Thu Nov 8 21:51:29 UTC 2007
I've been contacted to evaluate NSD performance and I've identified a
little stangeness in the TCP chatter with NSD. NSD always sends the
two byte response size as a separate TCP packet (causing the requestor
to send a separate ACK) to the main body of the request.
You might Expect a TCP DNS request (omitting the possible UDP request
that fails) to go something like:
SYN -->
<-- SYN,ACK
ACK -->
DNS QRY -->
<-- ACK
<-- DNS RSP
ACK -->
<-- FIN, ACK
FIN, ACK -->
... plus or minus the optimization of the ACK's with data (which seems
to require that you send(2) before your host receives the first ACK).
But NSD always does the following:
SYN -->
<-- SYN,ACK
ACK -->
DNS QRY -->
<-- ACK
<-- DNS length (2 bytes)
ACK -->
<-- DNS RSP
ACK -->
<-- FIN, ACK
FIN, ACK -->
Here's a very brief binary dump of the above conversation:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tcpdnsqry.dump
Type: application/octet-stream
Size: 1064 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20071108/becb4b84/attachment.obj>
-------------- next part --------------
Dave.
--
============================================================================
|David Gilbert, Independent Contractor. | Two things can be |
|Mail: dave at daveg.ca | equal if and only if they |
|http://daveg.ca | are precisely opposite. |
=========================================================GLO================
More information about the nsd-users
mailing list