[dnsdist] Explanation for "drops" in "showServers()"?
Remi Gacogne
remi.gacogne at powerdns.com
Thu Jun 10 12:48:53 UTC 2021
On 6/10/21 2:27 PM, Tom via dnsdist wrote:
> Our UDP-Timeouts defaults to 2. With the "grepq("2000ms")" command, I
> can see a lot of entries with the mentioned "T.O" (timeout). But I see
> also the following entry with a latency of 2891.8ms which should be
> dropped if UDP, right?:
>
> -12.4 xx.xx.xx.xxx:50105 zz.zz.zz.zzz:53
> 4417 abc.example.com. A 2891.8 RD No Error. 13 answers
I'm afraid we don't display whether a given query was received over TCP
in grepq(), which is something I'll definitely change in 1.7 [1]
Note, however, that dnsdist doesn't pick UDP queries that timed out very
quickly, for performance reasons. It does instead iterate over the
pending UDP queries from time to time, usually once every second. That
means that a response can in practice comes back after the UDP timeout
and still be processed as if it did not exceed the timeout, as long as
the corresponding entry has not yet been cleaned up. That would be my
guess in that case.
> In the documentation I don't see a default-value for tcp-timeout. So
> could the line above be a tcp-request without the default 2000ms
> timeout? If not, why do grepq report this line and/or why does dnsdist
> not drop this query?
For TCP dnsdist uses the read timeout specified via 'tcpRecvTimeout' on
the newServer() line declaring the backend [2]. The default value is
30s, which is something that we should probably change, by the way..
So yes, it could very well be a TCP query.
[1]: https://github.com/PowerDNS/pdns/issues/10490
[2]:
https://dnsdist.org/reference/config.html?highlight=tcpRecvTimeout#newServer
Best regards,
Remi
More information about the dnsdist
mailing list