massdns icon indicating copy to clipboard operation
massdns copied to clipboard

Published 20 hours ago verified publisher icon blechschmidt

Benchmark on ZDNS with MassDNS?

Open jkryanchou opened this issue 5 years ago • 1 comments

ZDNS was another tool to lookup dns records which was developed by ZMap Team. Have you ever do some comparison on ZMap with MassDNS. I wonder which is better for subdomain enumerations.

jkryanchou avatar Feb 15 '19 06:02 jkryanchou

@jkryanchou here is a better question: have you compared them?

I say this because I don't think it's very fair to ask the developer to do so unless an explicitly stated purpose of the project is to stack up to the zmap/zdns project (or any other projects, for that matter)

I think we would all benefit from seeing the numbers you come up with if you take the time to perform some testing. It is very possible that any identified discrepancies are by design, but perhaps you will uncover some issue that can then be addressed to improve the experience for everyone

If you do perform benchmarking, please be sure to document the process as detailed as possible so that it can be recreated and so that it can be verified as a truly fair/equal operation (as well as used as a test case when developing any enhancements)

mzpqnxow avatar Apr 08 '20 12:04 mzpqnxow

Recently, a paper by the ZDNS authors has been published, in which they compare the performance (table 2): https://lizizhikevich.github.io/assets/papers/ZDNS.pdf

While they "configure ZDNS to use 60K threads, a cache-size of 600K entries, and up to 5 retries per query", they do not tweak MassDNS, which results in a high packet drop rate. ("Unfortunately, during our evaluation, we find that its default behavior overwhelms DNS resolvers, which causes 35% of responses to either drop or instigate a SERVFAIL (Table 2).")

I agree that the default configuration of MassDNS is not optimal and I will address this criticism by implementing proper automatic concurrency control and making it the default in the future. Having done first experiments, I am confident that this will eliminate the issue with the high packet drop rate while keeping a substantial performance advantage. However, when adjusting the -s parameter accordingly, you usually won't end up with such a high failure rate. Also, you can further improve the performance of MassDNS by making use of multiprocessing through the --processes option.

blechschmidt avatar Sep 24 '22 11:09 blechschmidt

Got it. I am so appreciated your work on benchmarking on it. Nice Work

jkryanchou avatar Oct 13 '22 05:10 jkryanchou

I have nothing to do with that paper. It is exclusively the work of the authors.

blechschmidt avatar Oct 13 '22 09:10 blechschmidt