The author discusses implementing TCP Fast Open (TFO) in PowerDNS Recursor due to the need for a more efficient way to handle large DNS responses with the rise of DNSSEC and TXT records. TFO allows for data to be passed to the application upon reception of the initial SYN packet, reducing the overhead of a typical TCP DNS request-reply exchange. However, the implementation is not without challenges, such as lack of proper documentation and aggressive black holing mechanisms in the kernel. Despite TFO’s potential to reduce TCP overhead, its adoption in DNS servers remains slow due to these issues.
https://blog.apnic.net/2021/07/05/tcp-fast-open-not-so-fast/