[jitsi-dev] DNS & Connections to servers


#1

Hey

I'm working on the implementation of DNSSEC and dig myself through the various protocols when they do their DNS lookup and connect to the server. Currently when we try to connect we usually do:

IPs;
foreach(ConnectionMethod in Methods)
    IPs.add(lookupIPForMethod(ConnectionMethod))

foreach(IP in IPs)
    tryConnect(IP)

But I think we should do it like this:
foreach(ConnectionMethod in Methods)
{
    IP = lookupIPForMethod(ConnectionMethod)
    tryConnect(IP)
}

This would prevent unnecessary DNS lookups and thus make the whole connection process a bit faster. Is there a reason why we first lookup all IPs? Would anyone mind if I change it? The performance is probably not too much of an issue, but it would help me implementing DNSSEC (and the user experience) a lot.

Regards,
Ingo


#2

dear all,
for some time now the OTR-encrypted chats between Jitsi users look like
this:

<font color="#000000">test chat</font>
    <BR/>

this was tested between Macs (latest version of Jitsi nightly builds),
it occurs with Gmail account as well as with Jit.si accounts.

Text looks normal again if OTR is turned off.

kind regards, MS


#3

Hi,

Hey

I'm working on the implementation of DNSSEC and dig myself through the various protocols when they do their DNS lookup and connect to the server. Currently when we try to connect we usually do:

IPs;
foreach(ConnectionMethod in Methods)
IPs.add(lookupIPForMethod(ConnectionMethod))

foreach(IP in IPs)
tryConnect(IP)

But I think we should do it like this:
foreach(ConnectionMethod in Methods)
{
IP = lookupIPForMethod(ConnectionMethod)
tryConnect(IP)
}

This would prevent unnecessary DNS lookups and thus make the whole connection process a bit faster. Is there a reason why we first lookup all IPs? Would anyone mind if I change it? The performance is probably not too much of an issue, but it would help me implementing DNSSEC (and the user experience) a lot.

Regards,
Ingo

I don't think there is a reason why not to change it.
Some of the protocols are like this because one lookup can return
several addresses/ methods like NAPTR and you cannot just get the
first and try to connect and if it fails go make another lookup and
get the second result, cause results may be rotated and you can end up
trying only one address for some period of time but this can be easily
avoided in the scheme you purpose.
Currently I cannot think of anything else, if someone can complement
further go ahead.

Regards
damencho

···

On Mon, Nov 7, 2011 at 5:28 PM, Bauersachs Ingo <ingo.bauersachs@fhnw.ch> wrote: