[dnsdist] Handling lack of caching of TC responses

Remi Gacogne remi.gacogne at powerdns.com
Fri Nov 18 09:42:30 UTC 2022

Hi Dan,

On 18/11/2022 02:51, Dan McCombs via dnsdist wrote:
> Is that something that's expected to happen once the full response has 
> been returned from a downstream over TCP? Is there some way to force TC 
> responses to have at least some minimal TTL? Or some way to have dnsdist 
> use its cached response rather than going back to the downstream in that 
> case on UDP queries?

This is indeed an unfortunate consequence of the fact that there is no 
TTL on a truncated answer, and no way to set one, so the cache does not 
even try to store it.
Perhaps it might make sense to cache these TC=1 answers for a 
configurable, very short amount of time. We already have a setting to 
cache "temporary failures", meaning Server Failure and Refused 
responses, for a short amount of time, so it would not be hard to 
implement the same behaviour for truncated answers.
I think we have been reluctant to do that until now because some 
backends actually send TC=1 answers to specific clients, like in the RRL 
Slip case, and do not expect these answers to be served to other 
clients, but that might be OK as long as the caching is configurable and 
can be disabled.

Would you mind opening a feature request on GH [1] so we can track this? 
I would also happily merge a corresponding pull request, of course :)


[1]: https://github.com/PowerDNS/pdns/issues/new/choose

Best regards,
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20221118/bbf65aa7/attachment.sig>

More information about the dnsdist mailing list