Matthijs,
as a matter of fact we think the Knot Resolver would be better match
for building DNS proxy.
Cheers,
--
Ondřej Surý -- Technical Fellow
--------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:ondrej.sury@nic.cz
https://nic.cz/
--------------------------------------------
----- Original Message -----
From: "Jan Včelák"
<jan.vcelak(a)nic.cz>
To: knot-dns-users(a)lists.nic.cz
Sent: Monday, August 15, 2016 2:29:26 PM
Subject: Re: [knot-dns-users] dnsproxy module performance
Hi Matthijs,
processing of queries in Knot DNS is synchronous. So the UDP thread is
blocked until the query processing is finished. This usually doesn't
matter for authoritative server because the server can construct the
response immediately.
For dnsproxy, this is a problem. The dnsproxy module establishes a TCP
connection to the resolver and waits for the answer. During that time
the UDP handler thread is just idling.
I'm affraid this couldn't be fixed easily without deep changes in the
knotd architecture.
Anyway, we are interested in your discoveries.
Cheers,
Jan
On 15.8.2016 14:12, Matthijs Mekking wrote:
Hi,
I recently tested the mod-dnsproxy performance and I am disappointed in
the results:
Knot in our test setup can do ~320K QPS.
When using our own proxy in front of knot, we achieve quite a
performance hit, only able to do ~120K QPS.
However, when configuring knot to use the mod-dnsproxy, the performance
drops to ~7K QPS.
I am planning to investigate what causes this significant drop, but if
you have any insights or other measurements already I would love to hear
about them.
Best regards,
Matthijs
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users