BIND srtt algorithm not working as expected
Tony Finch
dot at dotat.at
Wed May 16 18:42:15 UTC 2018
Paul Roberts <paul at callevanetworks.com> wrote:
>
> This seems to imply on slide 16 that with lower query rates, BIND 9.8
> has a habit of sending fairly significant volumes to DNS servers with
> higher rtts. I am wondering if this is still the case in BIND 9.10 or
> 9.11 and whether there is anything that can be done about it?
The short answer is, 9.9 and later should be a lot better than 9.8.
There are a couple of obviously relevant entries in the CHANGES file:
Before the 9.6.0 release:
2423. [security] Randomize server selection on queries, so as to
make forgery a little more difficult. Instead of
always preferring the server with the lowest RTT,
pick a server with RTT within the same 128
millisecond band. [RT #18441]
Before the 9.9.0 release:
3024. [func] RTT Banding removed due to minor security increase
but major impact on resolver latency. [RT #23310]
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
justice and liberty cannot be confined by national boundaries
More information about the bind-users
mailing list