On 22/08/2013, at 9:36 AM, Geoff Huston <g...@apnic.net> wrote: > > On 22/08/2013, at 12:36 AM, Jon Lewis <jle...@lewis.org> wrote: > >> On Wed, 21 Aug 2013, Dobbins, Roland wrote: >> >>> >>> <http://www.circleid.com/posts/20130820_a_question_of_dns_protocols/> >> >> I didn't even get far enough to get to the parts Vixie seems to object to. >> It was too painful to read. It's in desperate need of proof-reading and >> copy editing. Was this translated (poorly) from some other language to >> English? >> > > My apologies - english is spoken and written in so many styles and I know > that my written style can be considered as turgid, particularly when I was > not intending to write for a highly expert specialist technical audience such > as are on this mailing list. > > So here is what I would say to this audience: > > - How many resolvers and their clients will resolve a DNS name to an address > if they are forced to use TCP? > > - Our experiment used a modified DNS server that truncated all UDP at 512 > bytes, and over 10 days we enlisted some 2 million end clients to perform a > set of tests by using online ads. The ad used a very wide geographic and > network variety, so there is good grounds to see this set as a reasonable > representative sample of the internet's end user population. > > - The authoritative nameserver saw 80,000 visible resolvers. 17% of them > (13,400) did not switch to TCP and re-query upon receipt of truncated TCP. > 0.4% of them appear to have some inbound TCP-blocking firewall/filter. The > rest simply did not respond in TCP > > - These 13,400 resolvers were used by 6% of the end clients. > > - 2/3 of these affected end clients switched to use an alternative resolver > that was able to pose the query using UDP.
sigh "pose the query using UDP and fall back to TCP upon receipt of the truncated UDP response" > > - the rest (2%, or 50,000 end clients) were unable to complete the DNS query > at all. > > - we retested, using a slightly different DNS nameserver configuration with a > smaller UDP truncation threshld, over a further 700,000 end clients and saw a > similar outcome. > > regards, > > Geoff > _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
