Hacker News new | ask | show | jobs
by sillysaurus 4790 days ago
I wasn't speaking theoretically. I don't understand how a pipe read + string compare + pipe write would add 5ms per query.

As for detection, that was the reason I brought up CPU power. Modern CPUs are so fast that that it seems like this redirector would hardly generate a blip in any chart (such as top).

I don't care about proving anybody wrong. I care about filling my knowledge gaps. I.e. it's interesting to try to figure out how something like this would be detected in practice.
1 comments
peterwwillis 4790 days ago
You'd be using network sockets, not pipes (pipes are slow as fuck btw). And it would add the latency of the network transmission in both directions, plus the processing time, which would add up to much more than 5ms unless you're on the same network segment as your target. And higher CPU load increases latency.

Who is going to notice increased latency in DNS queries? Most likely web developers. Nobody else I can think of would do (non-cached) bulk DNS queries to random domains and actually be looking for millisecond changes in lookup time. And those developers would have no insight to the DNS infrastructure serving requests, so they'd have no idea to contact the DNS admins to investigate. Even the DNS admins could be fooled before they contact network admins to do further research.

The bottom line is not "has DNS latency changed?", it's "has DNS latency become unacceptably high enough to force me investigate?" Unless it's becoming a problem, I think anyone would ignore increased latency because they have ten other work tasks to deal with.

link
tiredofcareer 4790 days ago
> Unless it's becoming a problem, I think anyone would ignore increased latency because they have ten other work tasks to deal with.

You'd be surprised once you start working with larger, higher-traffic infrastructures. If our average external DNS query rises 200ms, my phone goes off. There's more slack on p99, but it's also monitored.

All of the timings for the various parts of a request to the system that I administer are instrumented from a small libcurl app running in multiple ASNs remotely, because Pingdom and other services do not provide the resolution that we need. They are then rendered on a stacked graph that always lives on my third monitor, and any significant deviation averaged out over five minutes catches my eye.

I know it sounds like overkill, but it's crucial at scale.

link
sillysaurus 4790 days ago
That monitoring sounds awesome. What is it? Is it available to the public? Which method do you use to graph the data?
link
caf 4789 days ago
You monitor your DNS latency, but you don't monitor your delegations?
link