LinuxQuestions.org


jaredscott 02-16-2010 12:48 AM

TCP over DNS
 
Hi guys

I understand that most ISPs do not shape DNS traffic... How effective would it be to push TCP traffic over DNS to a server in Germany (I am located in South Africa), and would it reduce the latency of this data? (Presuming these TCP packets are usually shaped, e.g. gaming traffic, torrents, etc.)

Here is some example Java-based software:

http://analogbit.com/tcp-over-dns_howto

Thanks

acid_kewpie 02-16-2010 01:20 AM

No way, it'd be massively slow and horrible. Tunneling over DNS is a way to circumvent security measures and such, not gain anything resembling performance. I'd not imagine any scenario of shaping where the shaped traffic wasn't still *vastly* faster than the myriad of hoops you need to jump through to hide anything in primitive DNS packets.

jaredscott 02-17-2010 02:12 AM

Hi Chris

Thanks for your response

I understand that DNS tunneling is primarily used to circumvent security, especially at locked-down hotspots etc., but consider the following addition to my post:

Although I used the example of torrent data, in reality I will only need to push about 15mb per hour over DNS to my server sitting in Germany from South Africa (about 4kbps). Let's say we push that to about 15kbps to be absolutely safe in regards to the bandwidth requirements of my application; would tunneling over DNS really slow down my traffic to the point where it would be slower than shaped traffic?

Please be aware that I do not know the answer, so don't think that I am flaming or anything :-P

Thanks so much :-)

acid_kewpie 02-17-2010 02:53 AM

Well, the DNS requests have to first traverse every DNS server in the path of the DNS lookup, so all the internal ones you go through, and then whatever they see fit to refer to online, each time that packet is stripped, analysed, reformed and passed on, adding on what, 200ms latency to every packet, and still then have all the additional delays in getting a response back simulating an ACK (although quite how this would work within their own bespoke code could improve things in many ways I'm sure). I *could* be wrong, but only if the bandwidth shaping is truly utterly unusably horrendous, and if a 4kbps stream really is impossible normally, who knows... I'd still be saying a big "NO" myself though.
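
A rough capacity model for the latency argument in the post above, added here as an example and not part of the thread or of the linked tcp-over-dns software: it works out how many bytes one query name can carry under the RFC 1035 limits (63-octet labels, 255-octet names) and what a tunnel sustains at 200 ms per query, upstream direction only. Assumptions, none of them from the thread: the tunnel domain `t.example.com`, base32 encoding, a 4-byte per-query header, the 200 ms read as a full round trip, and "15mb per hour" read as 15 megabytes.

```python
import math

MAX_NAME_WIRE = 255   # RFC 1035: whole name on the wire, length octets included
MAX_LABEL = 63        # RFC 1035: longest single label


def data_chars(suffix: str) -> int:
    """Characters available for data labels in front of `suffix` in one query."""
    suffix_wire = sum(1 + len(label) for label in suffix.strip(".").split("."))
    budget = MAX_NAME_WIRE - 1 - suffix_wire      # 1 octet for the root label
    if budget < 2:                                # no room for even a 1-char label
        return 0
    full, rest = divmod(budget, 1 + MAX_LABEL)    # every label costs a length octet
    return full * MAX_LABEL + max(rest - 1, 0)


def payload_bytes(suffix: str, header: int = 4) -> int:
    """Raw bytes per query using base32 (5 bits per character, safe for
    case-insensitive DNS names), minus a hypothetical session/sequence header."""
    return max(data_chars(suffix) * 5 // 8 - header, 0)


def stop_and_wait_rate(suffix: str, rtt_s: float) -> float:
    """Bytes per second when each query waits for its answer before the next."""
    return payload_bytes(suffix) / rtt_s


def queries_in_flight(suffix: str, rtt_s: float, target_bytes_per_s: float) -> int:
    """Outstanding queries that must overlap to sustain the target rate."""
    return math.ceil(target_bytes_per_s / stop_and_wait_rate(suffix, rtt_s))


if __name__ == "__main__":
    suffix = "t.example.com"        # constructed tunnel domain (assumption)
    rtt = 0.2                       # 200 ms per query, the figure from the post
    target = 15_000_000 / 3600      # 15 MB per hour in bytes per second (assumption)
    print("data characters per query:", data_chars(suffix))
    print("payload bytes per query:  ", payload_bytes(suffix))
    print("stop-and-wait bytes/s:    ", round(stop_and_wait_rate(suffix, rtt)))
    print("queries in flight needed: ", queries_in_flight(suffix, rtt, target))
```

Under these assumptions a strictly one-at-a-time tunnel falls short of the stated requirement, so the per-query delay, not DNS packet size, is what sets the ceiling.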

jaredscott 02-18-2010 01:29 AM

Thanks Chris, that pretty much answers my query

If anyone else thinks otherwise, please post... Otherwise I am happy with the answer.

I will still do some tests but I won't get my app dev'd using DNS tunneling

Sweet cheers

