Nailing up TCP connections
Noah Robin
noah.robin at gmail.com
Thu Apr 7 15:59:07 UTC 2016
We have a medium-sized environment; we have several thousand zones and see high hundreds of millions of DNS queries per day with a ~98% cache hit rate. The several hundred QPS we see between the resolvers and the name servers are what's left. A significant amount of that traffic is for known-low TTL names (GSLB rotors for example), but the sheer number of DNS records (and the number of DNS clients we see) ensures that some queries will still need to be sent to the authoritative name servers.
I'd think that some other high-traffic installations could benefit from this feature (although I am, admittedly, slightly biased).
Thoughts from the devs?
Noah
> On Wed, Apr 6, 2016 at 9:06 AM, A. Schulze via Unbound-users <unbound-users at unbound.net> wrote:
>
> Noah Robin via Unbound-users:
>
>> In my environment, we have a plant of internal recursive servers for our
>> data center and separate plants of authoritative servers; something like
>> 65-85% of the traffic outbound from our recursive plants (several hundred
>> queries/sec per client machine) is destined for our authoritative plants. I
>> ran some quick benchmarks to compare per-query times for TCP-keepalive
>> queries vs UDP queries:
>
> why do you have such a high numer of queries resolver -> nameserver?
>
> once a resolver fetched a label it should be cached at the resolver.
> and would not benefit from any keepalive.
>
> other options:
> - the ttl of labels served by the nameserver is very short and that result in fast
> cache expire and need to ask the nameserver again and again
>
> - the resolver get many queries for differenet nonexisting label
>
> Andreas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20160407/fae7edcc/attachment.htm>
More information about the Unbound-users
mailing list