[nsd-users] NSD TCP performance

Aaron Hopkins lists at die.net
Fri Nov 9 19:10:12 UTC 2007

On Fri, 9 Nov 2007, David Gilbert wrote:

> I'd like to have a look at this patch.  Maybe the patch can be worked
> ina more acceptable manner.  My client is very concerned about TCP
> performance because of DNSSEC being on the horizon.

I didn't provide a patch for the extra round-trip per TCP answer problem. 
The patch http://ftp.die.net/pub/nsd/nsd-3.0.2-fewerselects-nonblocking.patch
solved two other problems:

- The use of blocking sockets in a nsd had some funky race conditions that
could've resulted in the server freezing or the extra servers started by the
-N flag not being used.  This has been fixed in newer NSDs.

- Only one request is processed per socket per select().  And select() is
kind of expensive, particularly when you start handling more sockets (like
lots of TCP sockets open).  Wrapping a loop around the UDP recvfrom() allows
us to amortize the cost of the select() over many requests, leading to a 23%
throughput improvement in my tests.  (This will obviously vary with the
hardware, OS, etc.)  The downside is that if it concentrates on one socket,
it can starve others at least briefly.  The current version of the patch
limits this to 100 requests, which at 50000 requests/sec works out to up to
2ms of extra latency for the other sockets.

                                     -- Aaron

More information about the nsd-users mailing list