Hello Willy,

On Wed, 4 Nov 2020 at 15:36, Willy Tarreau <w...@1wt.eu> wrote:
> I think it's a reasonable tradeoff because those who insist on this are
> also those who want to use so-called "modern" tools (placing "modern"
> and DNS in the same sentence always leaves me a strange feeling that
> something 37 years old is still modern).
>
> @Lukas, to respond to your concern, I don't like DNS either

I don't think I got my point across. I never said I don't like DNS (the protocol).

Let me be a little more blunt then:

What I don't like are code/subsystems that are not sufficiently covered maintenance- and maintainer-wise (whatever the reason may be). In my opinion, the resolver code is like that today:

- issues (including bugs) are open for years
- it's riddled with traps for the users that will suddenly blow up in their faces (lack of TCP support, IPv4 vs IPv6)
- important discussions have come to a halt

It's obvious from the language in this thread (from Emeric and Willy), that YOU don't like DNS, and it's obvious from the condition of the existing dns subsystem that there is a complete lack of time for it as well. I'm not blaming Baptiste, I understand time is a rare resource, I'm just honestly describing the situation as I see it.

I cannot help here (other than explaining why some current behaviours are bad and triaging the bugs on GH, which is also lacking: most dns issues do not even have the dns subsystem label).

All this blunt critique without providing suggestions to improve the situation is rude, but since we are discussing DNS load-balancing (which sounds like adding new fuel to the fire to me), apparently with the same amount of resources and enthusiasm, I am concerned that we will end up in the same or worse situation, which is why I have to share my (negative) opinion about the current situation.

> hate the noise that some people regularly make about "UDP support"

I am *way* more concerned about what to tell people when they report redundant production systems meltdowns because of the traps that we knew about for a long time and never improved. Like when the DNS response size surpasses accepted_payload_size and we don't have a TCP fallback, or we don't force the users to specify the address-family for resolution, which is of course very wrong on a load-balancer.

Of course I understand the DNS resolver code has nothing to do with future DNS load-balancing code. But the fact of the matter is that a new subsystem/featureset requires sustained effort, time and frankly also interest.

lukas