Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 12 Apr 2019 07:53:07 -0400
From: Rich Felker <dalias@...c.org>
To: Richard Tweed <rtweed@...ughtmachine.net>
Cc: musl@...ts.openwall.com
Subject: Re: Feature Request: Support use-vc option in resolv.conf

On Fri, Apr 12, 2019 at 12:38:36PM +0100, Richard Tweed wrote:
> Hi all,
> 
> I've run into a situation where I need DNS resolution to always be over TCP
> rather than UDP due to AWS dropping DNS packets frequently enough to be a
> problem. On glibc based environments I can use the use-vc option in the
> resolv.conf file.
> http://man7.org/linux/man-pages/man5/resolv.conf.5.html
> On MUSL this doesn't seem to be supported and I would love for this to be
> added.
> 
> Feel free to CC me on this discussion

DNS over TCP is intentionally not supported in musl because of how bad
the performance is, among other reasons. For cases like yours where
it's needed, you would get much better results by running a caching
dns proxy (using TCP for outbound requests) on localhost and pointing
resolv.conf at that.

(You may also be able to get good results by configuring the retry
interval very low to make up for their servers dropping requests, but
that might not be polite.)

Rich

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.