Closed infosec-it-init closed 4 years ago
mzpqnxow
commented
4 years ago @infosec-it-init I'm curious what type of performance impact this has, I haven't read the commits in full context, but if you're adding any non-trivial logic in the send loop this could very quickly degrade performance depending on the complexity of that logic and by how many entries you have specifying per-domain resolvers
Have you tested it out to see? Or can you speculate a little bit on the points I mentioned?
blechschmidt
commented
4 years ago Hi, @infosec-it-init. Thank you for contributing. Supporting a list of dedicated resolvers/nameservers would be a nice feature. However, I would prefer an implementation using a single allocation for a resolver_t array per entry (e.g. held by the buffer_t structure) at maximum in order to minimize the number of memory allocations. Thus, I will close this PR.
infosec-it-init
commented
3 years ago @infosec-it-init I'm curious what type of performance impact this has, I haven't read the commits in full context, but if you're adding any non-trivial logic in the send loop this could very quickly degrade performance depending on the complexity of that logic and by how many entries you have specifying per-domain resolvers
Have you tested it out to see? Or can you speculate a little bit on the points I mentioned?
I think the overhead is pretty small as it only adds split logic during the parsing of the line of the domains file and getting the next dedicated resolver from the buffer in the lookup struct as long as there are some.
I have tested it and am running it in production for over a year already with the possibility to resolve several million domains per day.
Yet another enhancement PR: if you know the dedicated resolvers per domain it would be nice to be able to specify those as well in the domains file. Suggested implementation: space separated list of dedicated resolver after the domain on the same line in the domains input file.