[dnsdist] Dnsdist Backend Timeouts & Drops
Fredrik Pettai
pettai at sunet.se
Wed May 7 19:29:13 UTC 2025
Hi,
We have dnsdist running on the same machine as the backend DNS server it talks to (over the loopback interface).
The dnsdist workers get timeouts from time to time which is a bit odd given the backend is on the same server and uses the default check of a.root-servers.net (which should be locally cached in unbound).
(Running a query locally for a.root-servers.net every second never fails, I’ve also tested with other names, cached or uncached, and the pattern of timeouts doesn’t change much)
We also see “Drops” on the workers, most of them are because the mail-cluster is using this resolver setup, and asks for weird & defunct domain names.
The problem:
The only way (I found) of looking at the what causes the timeouts / drops is to run dnsdist with the verbose flag.
That becomes lots of logs in a short amount of time that I don’t want to see,
Hence, I’ve created this Feature Request:
https://github.com/PowerDNS/pdns/issues/15542
(A nob for turning on just logging of queries that timeout (Drops) in dnsdist)
This would make fault tracing much simpler without verbose logging of all queries.
(If anyone more would find that feature useful, add a thumbs up so they’ll know)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20250507/fd4c23c2/attachment.sig>
More information about the dnsdist
mailing list