Full Disclosure mailing list archives
Re: FW: Question for DNS pros
From: John Hall <j.hall () f5 com>
Date: Wed, 04 Aug 2004 12:03:50 -0700
Mark wrote:
...Yup, the TCP SYN packets I see do the same with the IPID. (Embarrassed I missed that the first time I looked at them.) ;)...I disagree, if it is a DNS *server* I would think it wouldn't respond with a RST. It would respond with a SERV FAIL because it's not authoritative for that domain.
Just about any response is useful for RTT/reachability measurement as long as we can associate it back to the correct probe.
Agreed Frank, why would they bother asking in the first place? How do you even know you are asking a DNS server? It could just be a mis-configured client. It would seem to me that would only provide you with the quickest way to query what may or may not be a DNS server that may or may not be authoritative for a domain.
Generally, 3-DNS queries only come from caching/forwarding DNS servers at the client's site, so assuming we're talking to a DNS server there is often a correct assumption. There are several probes that only require a TCP/IP compliant box to respond.
Although I think we may have resolved the issue of what is causing those strange packets... I would like to see a whitepaper or something describing how this technique improves the performance of, well; anything.
While there's a lot of complexity to global load balancing and each probe method may be rendered useless in some circumstances, we've spent a lot of time analyzing the metrics collected and load balancing decisions made by 3-DNS groups at many of our customers sites; and we've found that the 3-DNS has improved the reliability and responsiveness of every site for the great majority of it's customers. I'm not a marketeer, but you can probably tell that I'm proud of our products. ;)
The above paragraph is off topic. E-Mail me off list if you want to discuss that topic further.Regards, Mark
-- John Hall Test Manager - Switch Team F5 Networks, Inc. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: FW: Question for DNS pros, (continued)
- Re: FW: Question for DNS pros John Hall (Aug 03)
- Re: FW: Question for DNS pros Frank Knobbe (Aug 03)
- Re: FW: Question for DNS pros John Hall (Aug 03)
- Re: FW: Question for DNS pros Frank Knobbe (Aug 03)
- Re: FW: Question for DNS pros Ron DuFresne (Aug 03)
- Re: FW: Question for DNS pros John Hall (Aug 04)
- Re: FW: Question for DNS pros John Hall (Aug 04)
- Re: FW: Question for DNS pros Nils Ketelsen (Aug 04)
- Re: FW: Question for DNS pros John Hall (Aug 05)
- Re: FW: Question for DNS pros Mark (Aug 03)
- Re: FW: Question for DNS pros John Hall (Aug 04)
- Re: FW: Question for DNS pros Gary E. Miller (Aug 04)
- Re: FW: Question for DNS pros John Hall (Aug 05)
- Re: FW: Question for DNS pros Gary E. Miller (Aug 05)
- Re: FW: Question for DNS pros Paul Schmehl (Aug 03)