[dnsdist] Marking downstream Unexplained
Remi Gacogne
remi.gacogne+dnsdist at powerdns.com
Fri Feb 19 14:23:20 UTC 2016
Hi everyone,
On 02/16/2016 06:33 PM, Aleš Rygl wrote:
> Hmm, so I was wrong when I was considering the option "retries" option
> to be an option for healthcheck retries...
I realized the retries option was not documented, it's now fixed. It
only applies to the number of times dnsdist tries to reconnect to a
backend over TCP before giving up.
I have now added a maxCheckFailures option to be able to configure the
number of health check failures required to consider a backend down.
> Under normal conditions we should not see the servers being down at all
> (unless there is something really wrong with them) so logging the
> healthcheck retries could be a good warning that the resposivnes of the
> resolver is getting worse.
I've just added a lot of log messages to be able to debug health check
failures, they are only enabled in verbose mode _and_ if
setVerboseHealthChecks(true) is used.
> I have noticed that even if everything is fine and there is no DDoS
> running my resolvers (unbound) are dropping the healthcheck query. It
> occures with a rate of 1e-07 (once per day or less)
If you take some time to debug with the new log messages, let me know
what is happening and if we can improve something on dnsdist's side.
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20160219/ead4a5c3/attachment.sig>
More information about the dnsdist
mailing list