On Tue, 8 Sep 2020, Puneet Sood wrote:
A single recursive resolver process can make a large number of outbound requests to thousands (if not more) of nameservers. Keeping one socket for each unique combination of (resolver IP, nameserver IP) becomes expensive in such an environment. Using more than one resolver IP provides additional entropy for the queries.
But you need a separate socket for each port number if you're doing port randomization.
In any event, I'd be more interested in knowing how much DNS client software uses connected sockets rather than speculating about it.
Regards, John Levine, [email protected], Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
