On 07/19/2011 10:51 AM, Reza Lotun wrote:
would be resolved, bombarding amazon's dns servers with requests. After diving in, I learned all Twisted connect* calls go through socket.gethostbyname, which apparently does not do any DNS caching (much to my surprise) unless something like nscd or a local caching nameserver is running (we ended up using BIND).
socket.gethostbyname is just a wrapper around the libc implementation, and you're correct that it does no caching unless the NSS layer does, or the DNS query you're talking to does.
Now, since we never ran a local caching nameserver before I wondered
How did anything work then if you had no local DNS?
what changed. Could it have been that using the _newtls code (with PyOpenSSL 0.12) removed some element of DNS caching that OpenSSL was performing behind the scene? Is this possible? If so, then I just wanted
A quick 10-line connectSSL script on my box running 10.1 does a DNS lookup per-connection. Are you sure this behaviour has changed?
to make sure everyone was aware that if you make a lot of DNS calls in a Twisted server running this code, you too could experience problems if you're not running a local caching nameserver.
Well, TBH if you're not running a local caching nameserver, I am failing to see how anything works!