[Pdns-users] pdns recursor edns-client-subnet caching problems
Remi Gacogne
remi.gacogne at powerdns.com
Tue Aug 8 08:23:25 UTC 2017
On 08/03/2017 11:05 PM, Shawn Zhou wrote:
>> Yes, you are right, this is known behavior in 4.0.x, we don't use
>> subnet-specific entries as soon as we get an entry usable for all subnets.
>
> Will 4.0.x be updated to address the problem?
I'm not sure we should, to be honest. We could make sure that we always
return the best match we have in cache, as 4.1 does, but it doesn't help
much because as soon as the authoritative server sends an answer with a
scope set to 0, we will stop asking for a better match for this
qname/qtype until the entry expires, so you only get subnet-specific
entries if they are inserted in the cache before the scope-0 one. This
could make debugging quite painful.
> The 4.1 release from "http://repo.powerdns.com/ubuntu xenial-rec-41 main" didn’t work well for me because
> I was getting timed outs. Maybe my configs need updates but they work for 4.0.
Right, we fixed some issues since alpha1, and I'm pretty sure you were
hit by [1].
> I think your points are valid. Does PowerDNS authoritative server handles
> this probably? If so, I like to try it out.
It is correctly handled if the backend return valid subnet information,
yes. Please let us know if you encounter any issue.
[1]: https://github.com/PowerDNS/pdns/pull/5549
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20170808/29cbcc98/attachment.sig>
More information about the Pdns-users
mailing list