[dnsdist] Does dnsdist try the next server inside a pool, when the first does not answer?

[Remi Gacogne]

Hi Tobias,

On 25/09/2023 06:18, Schnurrenberger Tobias (ID) via dnsdist wrote:
> We are using multiple resolvers in the same pool and we set the setServFailWhenNoServer option. There is also an overflow configured, which allows only 10000 qps to this pool.
> 
> What happens when the first server in the pool does not answer the query within the configured setUDPTimeout?
> Is the same query sent to the next server inside the pool?

No, it does not.

> Or does dnsdist reply to the client with SERVFAIL without trying another server?

In the exact case of the selected backend timing out, dnsdist will not 
reply to the client at all. setServFailWhenNoServer() controls what 
happens when all servers in the selected pool are down, but not when a 
server was considered to be available but did not answer in time.

> Does dnsdist only switch to the next server, if the state of the first one is 'down'?

In your case, yes. With the whashed load-balancing policy that you are 
using, dnsdist wil selected a backend among the ones that are considered 
available, based on the latest health-check attempts, using a hash of 
the queried name.
The reasoning behind this behaviour was that most applications/stub 
resolvers will retry quite quickly over UDP, often before 2 seconds 
which is the default value of setUDPTimeout, and thus it does not make 
sense to increase the load on the backend.

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20230925/504cf59c/attachment.sig>