
Robdns – A fast DNS server based on C10M principles - sanxiyn
https://github.com/robertdavidgraham/robdns
======
halayli
Few nitpicks found while skimming through the source.

fd = socket(AF_INET6, SOCK_DGRAM, 0); if (fd <= 0) {

This should be fd == -1. fd == 0 is valid.

[https://github.com/robertdavidgraham/robdns/blob/master/src/...](https://github.com/robertdavidgraham/robdns/blob/master/src/main-
server-socket.c#L167)

[https://github.com/robertdavidgraham/robdns/blob/master/src/...](https://github.com/robertdavidgraham/robdns/blob/master/src/main-
server-socket.c#L126)

check errors from sendto() & recvfrom(). you don't want to loop infinitely
when fd is hosed.

[https://github.com/robertdavidgraham/robdns/blob/master/src/...](https://github.com/robertdavidgraham/robdns/blob/master/src/grind.c#L43)

Check return value of your mallocs.

[https://github.com/robertdavidgraham/robdns/blob/master/src/...](https://github.com/robertdavidgraham/robdns/blob/master/src/pixie-
nic.c#L328)

Check return value of fd.

~~~
tptacek
The zero fd is valid but will never happen in this code.

Checking the return value of malloc is a bad idea (just rig the program to
explode when any malloc fails). But casting the return value of malloc is
incorrect, and that code should be using calloc.

~~~
halayli
How do you know? What if someone forked this program and closed fd 0 before
execX()? You have to abide by the posix standard and what the man page tells
you. Now it never happens, but later the code can change and the case can hit.
Most probably you'd have forgotten about this check.

Malloc failures don't always have to result in aborting the program. Cases can
vary.

My suggestion to you is abide by the man page and always check error
conditions. Don't overthink the failure cases of stdlib & posix calls. You
never know the OS/environment your program will run in, and the only common
ground you have is the standard.

~~~
tptacek
You don't know. It's true that the line of code he cited was incorrect. It's
just not a very interesting example of incorrect code.

Malloc failures don't always result in aborting. The common alternative,
especially in programs that have careful malloc return value checking regimes,
is to occasionally cough up remote code execution.

Userland systems programmers should assume the conservative default of ending
the program immediately when malloc fails.

A similar logic guided C++ into throwing bad_alloc instead of returning NULL
on allocation failures. And a survey of modern C++ code will show you that
most C++ programs simply allow themselves to terminate when bad_alloc happens.

~~~
halayli
It doesn't have to be interesting. Incorrect code covers a spectrum and is not
black or white. The term "edge-case" describes it pretty well.

Regarding mallocs, again you don't have to overthink error-handling. Just
handle it and figure out how to deal with it if it happens.

C++ has nothrow and try/catch. If you want to catch a failed new or abort is
something up to the user. One thing for sure is that C++ aborts on failed new
instead of stumping on unallocated memory.

On the other hand, consistency is important. Some parts of the code handled fd
correctly and malloc failures and other parts did not.

I recommend you applaud good programming practices and criticize bad ones.
Defending/arguing bad programming practices(whether they are edge cases or
not) doesn't help.

~~~
tptacek
I responded to this downthread.

------
jvehent
"The key feature is a built-in custom TCP/IP stack capable of handling
millions of DNS queries-per-second per CPU core."

DNS uses UDP primarily. I suspect the author meant "UDP/TCP/IP" by "TCP/IP".

Years ago, I wrote a basic TCP stack for a honeypot research project. It is
hard and incredibly complex. So this statement raises a number of concerns,
and will need to be audited before being used in production.

~~~
marktangotango
Seems like this user land tcp stack could be the basis of types of c10m
servers. Are tbere existenting userland tcp stacks available? I'm not familiar
with any.

~~~
wmf
[http://shader.kaist.edu/mtcp/](http://shader.kaist.edu/mtcp/)

[http://www.openonload.org/](http://www.openonload.org/)

There's also some work showing that you can achieve very high performance with
kernel TCP: [https://www.usenix.org/conference/osdi14/technical-
sessions/...](https://www.usenix.org/conference/osdi14/technical-
sessions/presentation/belay)

------
signa11
not related to this project, but rob is the instigator for massscan
([https://github.com/robertdavidgraham/masscan](https://github.com/robertdavidgraham/masscan))
as well, whic claims to scan the entire ipv4 space in approx 6 minutes!!!

~~~
ay1n
He gave a talk about massscan at this year's DEF CON:
[https://www.youtube.com/watch?v=UOWexFaRylM](https://www.youtube.com/watch?v=UOWexFaRylM)
which is quite fun to watch.

