North American Network Operators Group
Re: DNS Query Question
- From: Dennis Dayman
- Date: Thu Jan 18 15:14:00 2007
David Ulevitch wrote:
Dennis Dayman wrote:

I have a customer having some DNS issues. They have done some research
regarding some DNS timeout errors they saw with Verizon's sender verify
looking up their MX records. What they have discovered is their
current DNS service has a 1% failure/timeout rate. They are exploring
other vendors (UltraDNS for one), but need an estimate of the number
of DNS queries for accurate pricing to put together a ROI argument for
the switch.
I have no IDEA if this can be determined, but what is a good estimate of
the number of DNS queries generated from sending an email?

That's not a good tack to take to figure out the answer.
Just check the logs of your current DNS server and count 'em up.
UltraDNS isn't cheap. But neither is downtime, I suppose.

Here's what Chuq figured.

If I’m sending from my machine to your machine, here’s what I think is
the right sequence.

HELO foo.com (generates a call to the IP of the socket to compare to
foo.com)
It’s also going to look up the foo.com to make sure it resolves
MAIL-FROM – it’ll look up the domain to make sure it exists, I believe.

So I think the baseline is 3, plus whatever anti-spam a site might use:
DKIM, Sender-ID, SPF all generate at least a lookup of a TXT record, and
depending on how they’re implemented, maybe an A. Some of the anti-spam
stuff might pull MX to verify a return path exists, too.

I’d say the minimum is 3, max is around 8, assuming nothing cached
anywhere, for a new connection with one email sent. Multiple emails on a
connection helps, and pipelining helps more (but individually optimized
emails hose that); client side caching helps a lot but we can’t depend
on it.

If they want to send a message back (DSN, say), that’s going to pull the
A record, then the MXes, and then for each MX, I believe it does a
reverse lookup to get the name, and that iterates for every MX until
sent or you run out of MXes.
-Dennis
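
One way to do the "count 'em up" step suggested in the thread, as an added example that is not part of the original messages: it tallies queries for one zone by record type from a name server query log and scales the count to a 30-day figure for pricing. The BIND 9 style log format, the sample lines, the zone `example.com` and the function names are assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample lines in BIND 9 querylog style (not taken from the thread).
SAMPLE_LOG = """\
18-Jan-2007 15:00:00.101 queries: info: client 192.0.2.10#53211: query: example.com IN MX +
18-Jan-2007 15:00:00.140 queries: info: client 192.0.2.10#53212: query: mail.example.com IN A +
18-Jan-2007 15:00:01.020 queries: info: client 198.51.100.7#40112: query: example.com IN TXT +
18-Jan-2007 15:00:01.300 queries: info: client 198.51.100.7#40113: query: sel1._domainkey.example.com IN TXT +
18-Jan-2007 15:00:02.500 queries: info: client 203.0.113.5#1053: query: www.example.org IN A +
18-Jan-2007 15:00:30.000 queries: info: client 203.0.113.9#2211: query: EXAMPLE.COM. IN MX -
"""

# Timestamp, client address, then "query: <name> <class> <type>"; the optional
# "@0x..." and "(name)" parts cover the newer BIND 9 line layout as well.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2})\.\d+ .*?"
    r"client (?:@\S+ )?(?P<client>[0-9A-Fa-f.:]+)#\d+(?: \([^)]*\))?: "
    r"query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
)

def count_zone_queries(log_text, zone):
    """Return (Counter of qtype, first timestamp, last timestamp) for names in `zone`."""
    zone = zone.lower().rstrip(".")
    by_type, first, last = Counter(), None, None
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a query-log line
        qname = m["qname"].lower().rstrip(".")  # DNS names are case-insensitive
        if qname != zone and not qname.endswith("." + zone):
            continue  # query for a different zone
        ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S")
        first, last = first or ts, ts
        by_type[m["qtype"]] += 1
    return by_type, first, last

def monthly_estimate(total, first, last, days=30):
    """Scale the observed count linearly to a `days`-day billing period."""
    span = (last - first).total_seconds()
    if span <= 0:
        raise ValueError("log window too short to extrapolate")
    return round(total * days * 86400 / span)

if __name__ == "__main__":
    counts, first, last = count_zone_queries(SAMPLE_LOG, "example.com")
    print(dict(counts), monthly_estimate(sum(counts.values()), first, last))
```

A linear extrapolation is only as good as the window it is taken from, so a log covering at least a full week of normal mail traffic gives a more defensible number than a short sample.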