TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0

Question about Reusing TLS Connections for Multiple Queries #688

Closed ztheory closed 1 year ago

ztheory commented 1 year ago

I noticed that if I send a few DNS queries every few seconds manually through Technitium when forwarding to a recursive resolver, that Technitium initiates a new TLS connection instead of using an existing connection.

Wondering how Technitium handles reusing existing TLS connections. If reusing an open TLS connection is supported, what's the default idle/timeout value and can that be adjusted?

If I use Stubby, it gives me the option to set an idle timeout, where it will reuse the TLS connection until no new queries are received after X seconds, or until the server closes/resets the TCP connection.

# EDNS0 option for keepalive idle timeout in milliseconds as specified in
# https://tools.ietf.org/html/rfc7828
# This keeps idle TLS connections open to avoid the overhead of opening a new
# connection for every query. Note that if a given server doesn't implement 
# EDNS0 keepalive and uses an idle timeout shorter than this stubby will backoff
# from using that server because the server is always closing the connection.
# This can degrade performance for certain configurations so reducing the
# idle_timeout to below that of that lowest server value is recommended.
idle_timeout: 10000
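The EDNS0 keepalive option that the Stubby comment refers to (RFC 7828, option code 11) is small enough to show in full. The following is an added Python example, not code from Technitium or Stubby: it builds the empty option a client sends, parses the 2-byte TIMEOUT a server returns (units of 100 ms), and derives the idle time a client should actually honour, which is what the "backoff" note in the config is about. Function names and the sample OPT data are my own.

```python
import struct

EDNS_TCP_KEEPALIVE = 11  # option code assigned in RFC 7828


def build_keepalive_option(timeout_100ms=None):
    """Return option bytes: OPTION-CODE, OPTION-LENGTH, optional TIMEOUT.

    A client sends the option with an empty payload (it only signals support);
    a server answers with a 2-byte TIMEOUT in units of 100 ms.
    """
    if timeout_100ms is None:
        return struct.pack("!HH", EDNS_TCP_KEEPALIVE, 0)
    if not 0 <= timeout_100ms <= 0xFFFF:
        raise ValueError("TIMEOUT must fit in 16 bits")
    return struct.pack("!HHH", EDNS_TCP_KEEPALIVE, 2, timeout_100ms)


def parse_opt_rdata(rdata):
    """Split the RDATA of an OPT RR into a list of (code, payload) tuples."""
    options, pos = [], 0
    while pos < len(rdata):
        if len(rdata) - pos < 4:
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", rdata, pos)
        pos += 4
        if len(rdata) - pos < length:
            raise ValueError("truncated option payload")
        options.append((code, rdata[pos:pos + length]))
        pos += length
    return options


def server_idle_timeout_ms(rdata):
    """Idle timeout (ms) the server advertised, or None if it sent no keepalive."""
    for code, payload in parse_opt_rdata(rdata):
        if code == EDNS_TCP_KEEPALIVE:
            if len(payload) != 2:
                raise ValueError("keepalive in a response must carry a 2-byte TIMEOUT")
            return struct.unpack("!H", payload)[0] * 100
    return None


def effective_idle_ms(client_idle_ms, server_idle_ms):
    """Keep the connection open no longer than the shorter of the two limits."""
    if server_idle_ms is None:
        return client_idle_ms
    return min(client_idle_ms, server_idle_ms)


# Constructed sample: a server replying with TIMEOUT=100 (10 seconds).
SAMPLE_RESPONSE_OPT_RDATA = build_keepalive_option(100)
```

Feeding a real response's OPT RDATA to `server_idle_timeout_ms` tells you whether the upstream advertises a limit at all; a server that advertises nothing and still closes early is the case the Stubby comment warns about.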

ShreyasZare commented 1 year ago

Thanks for the post. The DNS Server does reuse TLS connections for multiple queries. The idle timeout is not configurable, but it is set to time out in 2 minutes. If you are seeing new connections being made, then it's the DoT server which is closing the connection from its side, which is quite common as a lot of DoT servers have the timeout set to as low as 10 sec.

ztheory commented 1 year ago

Thanks for your reply. Closing.