Centre for Advanced Internet Architectures,
Swinburne University of Technology,
Melbourne, Australia
CRICOS number 00111D

20th October, 2010

----------------------------------------------
OVERVIEW
----------------------------------------------

The introduction of DNSSEC and the increasing adoption of IPv6 pose new
problems and challenges to the current DNS system. As these protocols
tend to generate DNS responses too large for UDP transport, TCP will be
used more frequently as transport, generating non-negligible overhead on
DNS servers.

Huston [1] proposed a "stateless" TCP that allows DNS queries to be sent
over TCP while easing the load on the server by simplifying TCP's
connection establishment steps.

We have implemented the concepts outlined in [1] in the FreeBSD kernel.
Details of our design choices and implementation can be found in [2].

----------------------------------------------
LICENCE
----------------------------------------------

The statelessTCP patch is released under a BSD licence. Refer to licence
headers in each source file for further details.

----------------------------------------------
USAGE
----------------------------------------------

Make sure the base system you are installing onto is already running
FreeBSD 9.x before continuing.

  1. svn co -r 212621 http://svn.freebsd.org/base/head
  2. cd /path/to/src
  3. patch -p1 < /path/to/statelessTCP_0.1_head_r212621.patch
  4. make buildworld buildkernel installkernel installworld
  5. mergemaster -iF -m /path/to/src
  6. reboot

----------------------------------------------
RUN TIME CONFIGURATION
----------------------------------------------

We suggest that named.conf have the following parameter settings when
used with statelessTCP to allow large responses:

  edns-udp-size 4096;
  max-udp-size 4096;

StatelessTCP defines the following system control parameters, shown with
their defaults:

  * net.inet.tcp.stateless.timeout: 3000
    {StatelessTCP lookup table timeout (ticks).}

  * net.inet.tcp.stateless.loglevel: 1
    {StatelessTCP logging level: 0 - no logging, 1 - log only errors,
    2 - detailed log, 3 - very detailed logging for debugging.}

  * net.inet.tcp.stateless.port: 53
    {Port monitored for statelessTCP.}

  * net.inet.tcp.stateless.active: 0
    {When this is not 0 statelessTCP is activated on the port defined in
    net.inet.tcp.stateless.port.}

In addition, the following system control parameters may need adjustment:

  * net.inet.tcp.syncache.hashsize
  * net.inet.tcp.syncache.cachelimit
  * net.inet.tcp.syncache.bucketlimit

These should be set to values appropriate for the expected load. For
more details, please refer to [2].

----------------------------------------------
ACKNOWLEDGEMENTS
----------------------------------------------

This work has been made possible in part by a grant from APNIC and
Nominet.

----------------------------------------------
RELATED READING
----------------------------------------------

This software was developed at Swinburne University's Centre for
Advanced Internet Architectures, under the umbrella of the StatelessTCP
project.

  http://caia.swin.edu.au/ngen/statelesstcp/

----------------------------------------------
REFERENCES
----------------------------------------------

[1] G. Huston, "Stateless and dnsperate!" The ISP Column, Nov. 2009.
    [Online]. Available:
    http://www.potaroo.net/ispcol/2009-11/stateless.pdf

[2] D. Hayes, M. Rossi, and G. Armitage, '"Stateless" TCP in FreeBSD',
    CAIA Technical Report CAIA-TR-101022A, October 2010.
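
An added example, not part of the statelessTCP patch or its documentation:
a small sh audit of the settings listed under RUN TIME CONFIGURATION, run
over constructed sample text. It assumes the timeout "ticks" are FreeBSD
kernel ticks counted kern.hz times per second, and the kern.hz value of
1000 in the sample is an assumption.

```shell
# Added example: offline audit of the RUN TIME CONFIGURATION settings. On a patched
# host, pass `sysctl net.inet.tcp.stateless kern.hz` output and named.conf contents.

# Constructed sample: README defaults with active set to 1; kern.hz assumed 1000.
SAMPLE_SYSCTL='net.inet.tcp.stateless.timeout: 3000
net.inet.tcp.stateless.loglevel: 1
net.inet.tcp.stateless.port: 53
net.inet.tcp.stateless.active: 1
kern.hz: 1000'
# Constructed sample: named.conf options block with the suggested sizes.
SAMPLE_NAMED='options {
    edns-udp-size 4096;
    max-udp-size 4096;
};'

# sysctl_get TEXT NAME: value of NAME in "name: value" text, empty if absent.
sysctl_get() {
    printf '%s\n' "$1" | awk -F': ' -v k="$2" '$1 == k { print $2; exit }'
}

# timeout_ms TEXT: lookup table timeout in ms, assuming kern.hz ticks per second.
timeout_ms() {
    t=$(sysctl_get "$1" net.inet.tcp.stateless.timeout)
    hz=$(sysctl_get "$1" kern.hz)
    [ -n "$t" ] && [ -n "$hz" ] && [ "$hz" -gt 0 ] || return 1
    echo $(( t * 1000 / hz ))
}

# named_opt TEXT OPTION: number in the first "OPTION <n>;" line of named.conf text.
named_opt() {
    printf '%s\n' "$1" |
        sed -n "s/^[[:space:]]*$2[[:space:]]\{1,\}\([0-9]\{1,\}\)[[:space:]]*;.*/\1/p" |
        head -n 1
}

# audit SYSCTL_TEXT NAMED_TEXT: one line per finding, no output when all is well.
audit() {
    act=$(sysctl_get "$1" net.inet.tcp.stateless.active)
    lvl=$(sysctl_get "$1" net.inet.tcp.stateless.loglevel)
    case "$act" in ''|0) echo "statelessTCP is not active" ;; esac
    case "$lvl" in [0-3]) ;; *) echo "loglevel '$lvl' is outside 0-3" ;; esac
    for opt in edns-udp-size max-udp-size; do
        v=$(named_opt "$2" "$opt")
        [ "$v" = 4096 ] || echo "$opt is '${v:-unset}', suggested value is 4096"
    done
    return 0
}
audit "$SAMPLE_SYSCTL" "$SAMPLE_NAMED"
echo "lookup table timeout: $(timeout_ms "$SAMPLE_SYSCTL") ms"
```
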

----------------------------------------------
AUTHORS
----------------------------------------------

The statelessTCP patch was developed by David Hayes, and tested with the
help of Mattia Rossi, "