[dnsdist] Handling lack of caching of TC responses
Remi Gacogne
remi.gacogne at powerdns.com
Fri Nov 18 09:42:30 UTC 2022
Hi Dan,

On 18/11/2022 02:51, Dan McCombs via dnsdist wrote:
> Is that something that's expected to happen once the full response has
> been returned from a downstream over TCP? Is there some way to force TC
> responses to have at least some minimal TTL? Or some way to have dnsdist
> use its cached response rather than going back to the downstream in that
> case on UDP queries?

This is indeed an unfortunate consequence of the fact that there is no
TTL on a truncated answer, and no way to set one, so the cache does not
even try to store it.

Perhaps it might make sense to cache these TC=1 answers for a
configurable, very short amount of time. We already have a setting to
cache "temporary failures", meaning Server Failure and Refused
responses, for a short amount of time, so it would not be hard to
implement the same behaviour for truncated answers.

I think we have been reluctant to do that until now because some
backends actually send TC=1 answers to specific clients, like in the RRL
Slip case, and do not expect these answers to be served to other
clients, but that might be OK as long as the caching is configurable and
can be disabled.

Would you mind opening a feature request on GH [1] so we can track this?
I would also happily merge a corresponding pull request, of course :)

Thanks!

[1]: https://github.com/PowerDNS/pdns/issues/new/choose

Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
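
The caching behaviour discussed in this message, sketched as an added example that is not part of the original e-mail and is not dnsdist code: a toy UDP response cache that skips TC=1 answers unless a short TTL is configured. The names `truncated_ttl`, `temp_failure_ttl`, `UdpCache` and `backend_hits_for` are hypothetical, and the responses are constructed 12-byte DNS headers.

```python
import struct

SERVFAIL, REFUSED = 2, 5  # DNS RCODE values

def make_response(rcode=0, tc=False):
    """Constructed sample: a bare 12-byte DNS header with QR=1."""
    flags = 0x8000 | (0x0200 if tc else 0) | rcode
    return struct.pack("!6H", 0x1234, flags, 1, 0, 0, 0)

def cache_ttl(packet, record_ttl, temp_failure_ttl=60, truncated_ttl=0):
    """Seconds to keep a response, or None when it must not be cached."""
    if len(packet) < 12:
        raise ValueError("short DNS header")
    flags = struct.unpack("!H", packet[2:4])[0]
    if not flags & 0x8000:            # QR=0: a query, not a response
        return None
    if flags & 0x0200:                # TC=1: carries no TTL of its own
        return truncated_ttl or None  # 0 (default) keeps caching disabled
    if (flags & 0x000F) in (SERVFAIL, REFUSED):
        return temp_failure_ttl or None
    return record_ttl

class UdpCache:
    # The key has no client address, so a cached TC=1 answer is served to
    # every client. That is the RRL Slip concern, hence the opt-in TTL.
    def __init__(self, backend, truncated_ttl=0):
        self.backend, self.truncated_ttl = backend, truncated_ttl
        self.entries, self.backend_hits = {}, 0

    def query(self, key, now):
        hit = self.entries.get(key)
        if hit and hit[1] > now:
            return hit[0]
        self.backend_hits += 1
        packet, record_ttl = self.backend(key)
        ttl = cache_ttl(packet, record_ttl, truncated_ttl=self.truncated_ttl)
        if ttl:
            self.entries[key] = (packet, now + ttl)
        return packet

def backend_hits_for(truncated_ttl, times):
    """Backend round trips for repeated UDP queries that all get TC=1."""
    cache = UdpCache(lambda key: (make_response(tc=True), 0), truncated_ttl)
    for t in times:
        cache.query(("example.com.", "TXT"), t)
    return cache.backend_hits

if __name__ == "__main__":
    print(backend_hits_for(0, [0, 0.5, 1, 1.5]))  # caching of TC=1 disabled
    print(backend_hits_for(2, [0, 0.5, 1, 1.5]))  # 2-second TTL on TC=1
```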