search

blechschmidt / massdns

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
GNU General Public License v3.0
3.1k stars 459 forks source link

Benchmark on ZDNS with MassDNS? #40

Closed jkryanchou closed 1 year ago

jkryanchou commented 5 years ago

ZDNS was another tool to lookup dns records which was developed by ZMap Team. Have you ever do some comparison on ZMap with MassDNS. I wonder which is better for subdomain enumerations.

mzpqnxow commented 4 years ago

@jkryanchou here is a better question: have you compared them?

I say this because I don't think it's very fair to ask the developer to do so unless an explicitly stated purpose of the project is to stack up to the zmap/zdns project (or any other projects, for that matter)

I think we would all benefit from seeing the numbers you come up with if you take the time to perform some testing. It is very possible that any identified discrepancies are by design, but perhaps you will uncover some issue that can then be addressed to improve the experience for everyone

If you do perform benchmarking, please be sure to document the process as detailed as possible so that it can be recreated and so that it can be verified as a truly fair/equal operation (as well as used as a test case when developing any enhancements)

blechschmidt commented 1 year ago

Recently, a paper by the ZDNS authors has been published, in which they compare the performance (table 2): https://lizizhikevich.github.io/assets/papers/ZDNS.pdf

While they "configure ZDNS to use 60K threads, a cache-size of 600K entries, and up to 5 retries per query", they do not tweak MassDNS, which results in a high packet drop rate. ("Unfortunately, during our evaluation, we find that its default behavior overwhelms DNS resolvers, which causes 35% of responses to either drop or instigate a SERVFAIL (Table 2).")

I agree that the default configuration of MassDNS is not optimal and I will address this criticism by implementing proper automatic concurrency control and making it the default in the future. Having done first experiments, I am confident that this will eliminate the issue with the high packet drop rate while keeping a substantial performance advantage. However, when adjusting the -s parameter accordingly, you usually won't end up with such a high failure rate. Also, you can further improve the performance of MassDNS by making use of multiprocessing through the --processes option.

jkryanchou commented 1 year ago

Got it. I am so appreciated your work on benchmarking on it. Nice Work

blechschmidt commented 1 year ago

I have nothing to do with that paper. It is exclusively the work of the authors.