DNS and NTS-KE timeouts and retries
Hal Murray
hmurray at megapathdsl.net
Tue Feb 11 08:16:08 UTC 2020
There is no timeout on DNS lookups - whatever the library takes.
There is a 2 second timeout in the NTS-KE area. That's 2 seconds on any call
that does network activity so the total timeout can be several times that.
I have a slow DSL line with lots of bufferbloat. It's great for testing
things like this. I've seen the SSL handshake time out while I was doing a
big download. But it's rare. If other people see too many examples of
unreasonable timeouts, we should increase it.
-----------
Does anybody have experience with when to retry?
One possible error from getaddrinfo is EAI_AGAIN: "Temporary failure". In
that case, the code used to try again reasonably soon with typical backoff.
That can put a lot of junk into the log file.
We retry everything when a new interface is discovered. That catches plugging
in the Ethernet or connecting up the WiFi, but it doesn't catch turning on
your modem. (or the modem taking longer to boot than your PC)
SIGHUP also retries all pending DNS/NTS work.
If nobody has any good suggestions, I'll probably try to trim the logging and
set things up to start with a short timeout (2 min?) with an exponential
backoff and see if I can get a temporary flag out of the NTS-KE code.
--
These are my opinions. I hate spam.
More information about the devel
mailing list