DNS Connection Question

Derek Martin invalid at pizzashack.org
Wed Oct 20 10:15:01 EDT 2004


On Wed, Oct 20, 2004 at 09:48:20AM -0400, trlists at clayst.com wrote:
> Also I don't really want to do a full DNS query

Why not?  You're 9/10 of the way there already?  Why not fully
validate the response?

> Since I'm validating user input, timing has some 
> importance and I have the idea -- admittedly not tested, but logical -- 
> that just opening and closing a connection is likely to be a lot faster 
> than doing the full query.

I don't think that's actually true.  A TCP connection is a 3-way
handshake -- at least 3 packets are required.  The client sends a
packet with the SYN flag, to which the server replies with its own
packet containing the SYN flag.  The client can then send a packet
with the ACK flag, which may contain data (i.e. the DNS request) or
not.

Off the top of my head I don't know exactly how DNS is implemented, but
UDP doesn't require any of this -- all that is required are your
initial packet containing your request, and the server's response.  At
least in theory, UDP should be faster.  That's one reason why people
use it even though it is stateless, and I believe that DNS is
implemented this way precisely for reasons of efficiency. 

Having not done IT stuff for a couple of years now, I'm pretty rusty,
so I'm sure someone will clean up my mess if I am mistaken...  ;-)

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail.  Sorry for the inconvenience.  Thank the spammers.
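
Added example, not part of the original message: a sketch of what fully validating a DNS reply to a single UDP request involves, since UDP itself gives no connection state to tie the reply to the request. The function names are hypothetical, and the sample reply is constructed (192.0.2.1 is a documentation address), not captured traffic.

```python
import secrets
import struct

def encode_name(name):
    """Encode a hostname as DNS labels (length-prefixed, zero-terminated)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label length")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=1):
    """Return (txid, packet) for a recursive query; qtype 1 = A, class 1 = IN."""
    txid = secrets.randbelow(1 << 16)  # unpredictable ID, checked on the reply
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    return txid, header + encode_name(name) + struct.pack("!HH", qtype, 1)

def validate_response(query, response):
    """Check a reply against the query that was sent; return (ok, reason)."""
    if len(response) < 12:
        return False, "truncated header"
    q_id = struct.unpack("!H", query[:2])[0]
    r_id, flags, qd, an, _, _ = struct.unpack("!HHHHHH", response[:12])
    if r_id != q_id:
        return False, "transaction ID mismatch"
    if not flags & 0x8000:
        return False, "QR bit clear (not a response)"
    if flags & 0x0200:
        return False, "TC set: retry over TCP"
    question = query[12:]
    if qd != 1 or response[12:12 + len(question)] != question:
        return False, "question section does not echo the query"
    rcode = flags & 0x000F
    if rcode != 0:
        return False, "rcode %d" % rcode  # e.g. 3 = NXDOMAIN
    if an == 0:
        return False, "no answer records"
    return True, "ok"

def constructed_reply(query, txid=None, flags=0x8180, answers=1):
    """Constructed sample server reply (not captured traffic): A records."""
    q_id = struct.unpack("!H", query[:2])[0] if txid is None else txid
    header = struct.pack("!HHHHHH", q_id, flags, 1, answers, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return header + query[12:] + rr * answers
```

The packet from `build_query` is what would go out in the single UDP datagram; a caller should also check that the reply came from the address and port the query was sent to.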
