AW: DoT resolvers - Slow results
Talkabout
talk.about at gmx.de
Sun Mar 22 17:07:05 UTC 2020
Hi Benno,
thank you for the Information!
I have tried to set up stubby with my unbound Installation but failed due to issues with DNSSEC. I have decided to wait for the next unbound Version supporting Connection reuse. Do you have a Rough estimation for when it will be available?
Thanks!
Bye
Gesendet von Mail für Windows 10
Von: Benno Overeinder via Unbound-users
Gesendet: Samstag, 21. März 2020 12:55
An: unbound-users at lists.nlnetlabs.nl
Betreff: Re: DoT resolvers - Slow results
Forgot to mention in the previous email:
On 21/03/2020 12:45, Benno Overeinder via Unbound-users wrote:
> I'm not sure if the following explains the difference between Unbound
> and kdig (with +tls option?) performance. However, with the latest
> release, Unbound has implemented TCP connection resuse/TLS session
> resumption for downstream (Unbound clients), but not yet for upstream
> connections (to authoritative name servers or as a forwarder to Quad9,
> Google Public DNS, Cloudflare DNS, etc.).
>
> This is something we expect to be supported in an Unbound release in the
> coming months.
You might want to test DNS-over-TLS performance with getdns Stubby. The
Stubby stub resolver does support TCP connection reuse/TLS session
resumption to upstream connections.
For downloading and installing Stubby, see
https://github.com/getdnsapi/stubby and https://getdnsapi.net.
Cheers,
-- Benno
--
Benno J. Overeinder
NLnet Labs
https://www.nlnetlabs.nl/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20200322/b5a55d55/attachment.htm>
More information about the Unbound-users
mailing list