[dnsdist] Packetcache expiring

Nemanja Zeljkovic nocturo at gmail.com
Fri Mar 9 11:24:52 UTC 2018


Hi Remi,

I assumed the following while working with newPacketCache():
- temporaryFailureTTL - if we can’t get response from any backend, cache
for this long
- staleTTL - when no backend servers are reachable, serve for this long
from cache (what I assumed my case would be)

and with setStaleCacheEntriesTTL() to eventually override TTL for stale
entries. What is confusing is “use expired entries” on [1] which I cannot
envision at all since they are purged from packet cache when they expire.

Basically what I want(ed) to accomplish is to give me some time in case of
a problem regardless of what TTL someone set for the zone/record. In case
every backend server is unavailable (broken vpn for example), dnsdist would
still serve until it’s been fixed. I would love to use anycast for this
kind of fault tolerance but it’s currently out of my reach so I’m trying a
poor man’s packet cache approach.

Maybe an option not to purge entries from cache if there is no backend
server available would be beneficial for this use case, but what I
currently envision as a “fix” would be, when failure of all backends
happens and it’s detected, to somehow connect to the console remotely and
set setCacheCleaningPercentage(0), and revert once we have working backends.

Do you have any insights on how to accomplish this in its current state,
or maybe if this would be a viable addition to dnsdist?

[1] https://dnsdist.org/guides/cache.html

Thanks,
Nick


On March 9, 2018 at 9:51:20 AM, Remi Gacogne (remi.gacogne at powerdns.com)
wrote:

On 03/08/2018 07:08 PM, Nemanja Zeljkovic wrote:
> I think I narrowed this down to cache cleanup. Specifically:
> https://github.com/PowerDNS/pdns/blob/master/pdns/dnsdist.cc#L1713
>
> default is 60, my TTL was 60 so that’s why I got about two minutes of
> “availability”. Setting setCacheCleaningPercentage to 0 seems to do what
> I want, however that would mean cache will not get expunged at all. Does
> this have some negative side effects? i.e. if we hit the limit, and new
> query needs to go in, what will happen?

Yes, it would mean that:

- once the cache is full, no new answer can be cached, ever;
- the cache would continue to serve cached answers indefinitely, even if
they change upstream.

I don't understand what you are trying to achieve here, would you mind
telling us a bit more about what your goals are? Why would you want to
keep answers cached for longer than their TTL?

Regards,

Remi
