Nmap Development mailing list archives
Re: [PATCH] Mass rDNS performance
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Thu, 19 Mar 2009 07:19:41 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 19 Mar 2009 00:51:26 +0000 or thereabouts jah <jah () zadkiel plus com> wrote:
Hello Nmappers, Following on from the previous discussion on this topic [1][2][3][4] where it was found that Nmap's reverse dns resolution sent two or three times more requests than target IPs to be resolved, I've attached a new patch for nmap_dns.cc with several changes which I'll describe here.
...snip...
Results Rather than post rows of test results and extend this already lengthy post much further, I've posted a some results at [5] which highlight the differences that these changes will make. Not posting them here also means they'll be a little easier to read.
Hi Jah, it's great to have someone reviewing code like this and putting a lot of engineering time and thought into improving it. I suppose I should have read your results page before doing my own testing since you have a lot of good ideas up on that page. I haven't yet had time to do any really thorough testing but I have a test case in which your patch is significantly slower than the existing rDNS code. When I resolve 16384 randomly generated IPs that all have a reverse name (I reverse resolved 1 million, extracted 16384 with a name) the current code is quite a bit slower. Here are the numbers: Old: 1m56.988s 2m24.148s 2m5.988s Patched: 5m44.346s 5m53.691s 5m41.490s I'm using the local nameserver (DJB DNS) I run on my scanning box. To be consistent between tests I flushed the cache each time. You can grab the list of IPs I'm using here: http://noh.ucsd.edu/~bmenrigh/16384_random_ips_with_names.txt The command I'm running is: $ sudo killall dnscache; sleep 5; time sudo ./nmap -sL -iL 16384_random_ips_with_names.txt -v -d -d | tee random_resolved.txt I don't think I'm going to have any time tomorrow to test further but I'll put your code through some of my more day-to-day uses if I have time Friday. I'll let you know what I find. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAknB8g0ACgkQqaGPzAsl94KcJwCeLEU3GlKWMuU/eBJjzdZhqaI/ Co0AnAxxYTkbnMpRsNXivX9PQV5at6kG =N3lL -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] Mass rDNS performance jah (Mar 18)
- Re: [PATCH] Mass rDNS performance Brandon Enright (Mar 19)
- Re: [PATCH] Mass rDNS performance Fyodor (Mar 19)
- Re: [PATCH] Mass rDNS performance Brandon Enright (Mar 19)
- Re: [PATCH] Mass rDNS performance Brandon Enright (Mar 19)
- Re: [PATCH] Mass rDNS performance Brandon Enright (Mar 19)
- Re: [PATCH] Mass rDNS performance jah (Mar 19)
- Re: [PATCH] Mass rDNS performance Fyodor (Mar 19)
- Re: [PATCH] Mass rDNS performance Brandon Enright (Mar 19)