Commit b72d5cd0 authored by Daniel Salzman's avatar Daniel Salzman

kdig: disable TCP Fastopen by default as it breaks TLS connection

parent f6224eb4
......@@ -1117,7 +1117,7 @@ query_t *query_create(const char *owner, const query_t *conf)
query->operation = OPERATION_QUERY;
query->ip = IP_ALL;
query->protocol = PROTO_ALL;
query->fastopen = true;
query->fastopen = false;
query->port = strdup("");
query->udp_size = -1;
query->retries = DEFAULT_RETRIES_DIG;
......
  • This seems like it's hiding the underlying problem -- surely tcp fastopen would be useful for TLS connections too, yes? being able to send the TLS ClientHello in the TLS SYN would speed things up.

  • Hello @dkg. I didn't manage to make TCP Fast Open work with TLS cross-platform. I'm pretty sure it's possible but I didn't have the time to code it properly. I was actually hoping that somebody will pick my work on TFO and polish the rought edges. ;)

  • Is there an open ticket about that? It'd be good to track it as an unfinished project.

  • There is now #549

Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment