DNS Test Result - PowerPoint PPT Presentation

About This Presentation
Title:

DNS Test Result

Description:

DNS Test Result draft-zhang-dnsext-test-result-00 Zhang Juan, Li Lianyuan IETF 83 * Introduction In the test, performances of recursive DNS with DNSSec enabled under ... – PowerPoint PPT presentation

Number of Views:64
Avg rating:3.0/5.0
Slides: 7
Provided by: zhangj3
Learn more at: https://www.ietf.org
Category:
Tags: dns | avalanche | result | test

less

Transcript and Presenter's Notes

Title: DNS Test Result


1
DNS Test Result draft-zhang-dnsext-test-result-00
Zhang Juan, Li Lianyuan IETF 83
2
Introduction
  • In the test, performances of recursive DNS with
    DNSSec enabled under different circumstances are
    listed. DNSSec is enabled in the recursive DNS in
    the following cases
  • Case 1, all queries generated by the simulator
    are DNS queries without authentication request
  • Case 2, tests on recursive DNS with DNSSec and
    sortlist enabled is done. That is all queries
    are still DNS queries without authentication
    request. However, recursive DNS need to sort the
    records in special order for every query.
  • records in specific IP address segment can be
    sorted in front of the others.
  • Finally, all queries are based on DNSSec and all
    the signature part records are authenticated by
    the recursive server.

3
Test layout
  • The test simulated a complete recursive
    request-response procedure in a closed network.
  • All the servers are assembled with 2 Intel CPUs
    with 8 core in each other and 8GB RAM. And DNS
    software is BIND 9.8.1-p1.
  • Two data models are simulated
  • 75 and 80 shooting average in the cache of
    recursive DNS.

Avalanche 3100
4
More details on test layout
  • Avalanche 3100 is used as request generator,
    which can simulate many clients with different IP
    addresses with each other.
  • In the test, the Sortlist function of Bind is
    used to sort records for every query.
  • In the test, Dnssec-keygen of Bind is used to
    generate the keys, and the algorithm is RSASHA1.
    The size of ZSK is 1024bit, and the KSK is
    2048bit.

5
Test Results
Table 1 Performance Test Results Of Recursive
DNS with hit ratio of 80
QPS Numerical percentage of CPU utilization percentage of CPU utilization percentage of CPU utilization percentage of CPU utilization QPS under 30CPU Utilization
QPS Numerical 12000QPS 10000QPS 8000QPS 6000QPS QPS under 30CPU Utilization
DNS 21.6 17.6 14.1 10.6 19800
Sortlist(200) 24.7 19.5 16.8 12.3 19300
DNSSEC 36.2 30.6 24.3 18.1 9800
Table 2 Performance Test Results Of Recursive
DNS with hit ratio of 75
QPS Numerical percentage of CPU utilization percentage of CPU utilization percentage of CPU utilization percentage of CPU utilization QPS under 30CPU Utilization
QPS Numerical 12000QPS 10000QPS 8000QPS 6000QPS QPS under 30CPU Utilization
DNS 20.3 17.2 13.9 10.5 18000
Sortlist(200) 23.2 19.1 15.8 11.7 17400
DNSSEC 46.9 37.6 29.5 22.2 8200
  • If some strategy like sortlist is enabled, the
    performance of recursive DNS almost doesnt
    change.
  • While if DNSSec is enabled, the performance of
    recursive DNS will be greatly influenced, which
    can be reduced about 50.

6
Suggestion and Next Step
  • Suggestion
  • More attention should be paid on the performance
    of DNS when DNSSec is enabled.
  • Next Step
  • More tests on this subject will be done
  • Various size of keys will be tested
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "DNS Test Result" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!