On 25 May 2016, at 19:13, Roland van Rijswijk - Deij <Roland.vanRijswijk@surfnet.nl> wrote:
Hi Roland,
I've already run a number of benchmark tests with TLS-enabled Unbound,
That’s interesting, we are doing the same although there still are a couple of features that are missing from Unbound for it to be fully performant/production ready. We have also had a lot of discussions about how existing load balancers might be modified do to the TCP/TLS connection management for DNS, so it would actually be interesting to have resolvers with differing configurations.
and would be willing to host one or two public resolvers at SURFnet that are TLS-enabled. Would that be helpful?
That sounds great.
I even have (relatively) nice IP addresses available ;-) (145.0.0.145 comes to mind).
nice :-) Sara.