DNS Connection Question
trlists at clayst.com
Wed Oct 20 11:25:01 EDT 2004
On 20 Oct 2004 Derek Martin wrote:
> Why not? You're 9/10 of the way there already? Why not fully
> validate the response?
>
> > Since I'm validating user input, timing has some
> > importance and I have the idea -- admittedly not tested, but logical --
> > that just opening and closing a connection is likely to be a lot faster
> > than doing the full query.
>
> I don't think that's actually true. A TCP connection is a 3-way
> handshake -- at least 3 packets are required. The client sends a
> packet with the SYN flag, to which the server replies with its own
> packet containing the SYN flag. The client can then send a packet
> with the ACK flag, which may contain data (i.e. the DNS request) or
> not.

OK, this all makes perfect sense. But I was assuming -- again
definitely not an assumption I tested, it was a casual thought at the
time and not an analysis -- that exchanging packets is typically
relatively fast while waiting for the nameserver to do a lookup is
typically relatively slow. So is making a TCP connection really
"9/10", or not? It depends on the relative speed of the lookup in the
nameserver vs. the packet transit times.

At this point since I have to use UDP anyway, I might as well just do
the lookup, and retreat from that approach only if the whole thing
seems too slow for what I need.

Another possible option would be to send a Server Status query, which
is mentioned in RFC 1035 but not documented as to possible responses.

--
Tom
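
What "fully validating the response" and the Server Status idea look like at the RFC 1035 message level, as an added example that is not code from anyone in this thread. The function names are hypothetical, the set of checks is this example's own choice, and the replies are constructed in-process rather than captured from a nameserver, so nothing is sent on the network.

```python
import struct

OPCODE_QUERY, OPCODE_STATUS = 0, 2   # opcode values from RFC 1035 section 4.1.1
RCODES = {1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label length: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(msg_id, name, opcode=OPCODE_QUERY):
    """Build a one-question message for an A record in class IN, with RD set."""
    flags = (opcode << 11) | 0x0100   # QR=0, 4-bit opcode, RD=1
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def validate_response(query, response):
    """Check a reply against the query that was sent; return (ok, reason)."""
    if len(response) < 12:
        return False, "short header"
    q_id, q_flags = struct.unpack("!HH", query[:4])
    r_id, r_flags, qdcount, ancount = struct.unpack("!HHHH", response[:8])
    if r_id != q_id:
        return False, "ID mismatch"
    if not r_flags & 0x8000:
        return False, "QR bit clear (not a response)"
    if (r_flags >> 11) & 0xF != (q_flags >> 11) & 0xF:
        return False, "opcode mismatch"
    rcode = r_flags & 0xF
    if rcode:
        return False, RCODES.get(rcode, "RCODE %d" % rcode)
    if qdcount != 1 or response[12:len(query)] != query[12:]:
        return False, "question section does not echo the query"
    if ancount == 0:
        return False, "no answer records"
    return True, "NOERROR, %d answer(s)" % ancount

def constructed_reply(query, rcode=0, answers=1):
    """Constructed sample reply: echoes the question, answers with 192.0.2.1."""
    q_id, q_flags = struct.unpack("!HH", query[:4])
    flags = 0x8000 | (q_flags & 0x7900) | 0x0080 | rcode   # QR, opcode+RD, RA
    header = struct.pack("!HHHHHH", q_id, flags, 1, answers, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
    return header + query[12:] + rr * answers
```

The same validator handles a reply to an `OPCODE_STATUS` message: whatever RCODE the server chooses comes back as the reason string.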