[ovs-dev] DNS support options

Mark Michelson mmichels at redhat.com
Tue Aug 8 20:09:28 UTC 2017


In a project I worked on previously, we used unbound [1] for async DNS, and
it worked well for our needs. We liked that DNSSEC was supported out of the
box. If you're talking about just doing A/AAAA lookups, that's also
supported out of the box. If you want to do fancier things (NAPTR or SRV),
then you'll have to parse the DNS results yourself. And as for the
licensing, it's BSD [2] licensed.

Mark Michelson

[1] https://www.unbound.net/
[2] http://unbound.nlnetlabs.nl/svn/trunk/LICENSE

On Tue, Aug 8, 2017 at 2:49 PM Ben Pfaff <blp at ovn.org> wrote:

> On Tue, Aug 08, 2017 at 02:59:21PM -0400, Lance Richardson wrote:
> > > From: "Ben Pfaff" <blp at ovn.org>
> > > To: dev at openvswitch.org
> > > Sent: Tuesday, August 8, 2017 2:43:17 PM
> > > Subject: [ovs-dev] DNS support options
> > >
> > > Open vSwitch currently supports only IP addresses for specifying
> > > OpenFlow and OVSDB remotes.  It would be nice to support DNS names.
> > > Open vSwitch can't afford to let DNS resolution block processing, so it
> > > needs some way to resolve DNS asynchronously.  I've come up with the
> > > following solutions so far:
> > >
> > >         * Implement it ourselves using threads.  Probably, this would be
> > >           a single worker thread that loops through calls to
> > >           getaddrinfo().
> > >
> > >         * glibc has getaddrinfo_a(), an asynchronous version of
> > >           getaddrinfo().  *BSD and Windows do not have this function, so
> > >           we would still need to implement it ourselves (probably using
> > >           threads) if we adopted this approach, so it might be more work
> > >           than the first solution.
> > >
> > >         * Use an external asynchronous DNS library.  GNU adns looks like
> > >           a good choice: http://www.chiark.greenend.org.uk/~ian/adns/.
> > >           It has a port to Windows but I don't know whether it's
> > >           up-to-date.
> > >
> >
> > With adns_beforepoll()/adns_afterpoll(), it looks like adns might be easy
> > to integrate on top of lib/poll-loop.c.  Not requiring a separate thread
> > seems like a plus.
>
> Oops, I just realized that adns is GPL'd, which means that linking it
> against OVS would force OVS to be GPL'd, so it's probably not a good
> choice.
>
> Other possible choices:
>
>         - c-ares (https://c-ares.haxx.se/).  Main disadvantage seems to
>           be that it's very "select" oriented.
>
>         - UDNS (http://www.corpit.ru/mjt/udns.html).  May not be well
>           maintained--last release in 2014.  Does not fall back to TCP
>           if necessary.  Port to Windows exists, don't know whether it's
>           up-to-date.
>
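The first option in the quoted proposal (a single worker thread that loops through calls to getaddrinfo()), as an added example that is not code from this thread or from Open vSwitch. All `dns_*` names, the one-request slot and the semaphore/atomic handoff are assumptions made for illustration; it assumes POSIX threads and C11 atomics.

```c
#include <netdb.h>
#include <pthread.h>
#include <semaphore.h>
#include <stdatomic.h>
#include <string.h>
#include <sys/socket.h>

enum { DNS_IDLE, DNS_PENDING, DNS_DONE };   /* hypothetical names, not OVS code */
static atomic_int state = DNS_IDLE;     /* who owns the slot right now */
static sem_t wake;                      /* posted once per submitted name */
static char qname[256];                 /* request, written only by the main loop */
static struct addrinfo *answer;         /* reply, NULL if resolution failed */
static void *dns_worker(void *arg) {    /* the only thread that blocks on DNS */
    for (;;) {
        struct addrinfo hints = { .ai_socktype = SOCK_STREAM }, *res = NULL;
        while (sem_wait(&wake)) { }     /* retry if interrupted by a signal */
        answer = getaddrinfo(qname, NULL, &hints, &res) ? NULL : res;
        atomic_store(&state, DNS_DONE); /* publish the answer to the main loop */
    }
    return arg;
}
int dns_start(void) {                   /* returns 0 on success */
    pthread_t t;
    return sem_init(&wake, 0, 0) || pthread_create(&t, NULL, dns_worker, NULL);
}
int dns_submit(const char *name) {      /* 0 queued; -1 busy or name too long */
    int idle = DNS_IDLE;
    if (strlen(name) >= sizeof qname) return -1;   /* keeps the copy in bounds */
    if (!atomic_compare_exchange_strong(&state, &idle, DNS_PENDING)) return -1;
    strcpy(qname, name);
    sem_post(&wake);                    /* worker reads qname only after this */
    return 0;
}
int dns_poll(struct addrinfo **res) {   /* never blocks on DNS; 1 when done */
    if (atomic_load(&state) != DNS_DONE) return 0;
    *res = answer;                      /* caller now owns the list */
    atomic_store(&state, DNS_IDLE);     /* slot is free for the next name */
    return 1;
}
int dns_demo(const char *name) {        /* addrinfo entries found, or -1 */
    struct addrinfo *res = NULL, *p;
    int n = 0;
    if (dns_submit(name)) return -1;
    while (!dns_poll(&res)) sched_yield();  /* a real loop does other work here */
    for (p = res; p; p = p->ai_next) n++;
    if (res) freeaddrinfo(res);
    return n ? n : -1;
}
int main(void) { return dns_start() || dns_demo("127.0.0.1") < 1; }
```

The numeric literal in `main` resolves without network access; a second `dns_submit()` before `dns_poll()` has collected the result is refused rather than queued.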

