[Pdns-users] CPU consumption of pdns_recursor

Nejedlo, Mark Mark.Nejedlo at tdstelecom.com
Tue Apr 6 14:18:33 UTC 2021


On Tuesday, April 6, 2021 3:32 AM, Remi Gacogne wrote:
> On 4/6/21 8:35 AM, Otto Moerbeek via Pdns-users wrote:
> > On Mon, Apr 05, 2021 at 05:30:11PM +0000, Nejedlo, Mark via Pdns-users
> wrote:
> > 2 distributior thread feels a bit overkill, 1 distributor thread
> > should be able to feed 8 workers. Did you do measurements to come to
> > this value?

The performance and tuning page was vague about when multiple distributors might be necessary, so I started with 2.  Looking at the actual CPU usage, it can likely be dropped to 1.

Would additional distributor threads really cause additional worker CPU usage?

> > Your maintenance function looks like it could run for a while if
> > timeouts happen. I don't know how bad that would be from the top of
> > my head, but it could have an impact.

Fair point about timeouts.  Since my concern is raw CPU usage rather than latency or throughput, I'd be pretty disappointed if LUA busy waited on that socket, but I suppose it could.

Does the maintenance function block the worker while it's running?

> > Your packet cache hit ratio is extremenly low. Are you running dnsdist
> > with a packetcache in front of this recursor? Or can you explain it
> > from the type of queries you are getting?

Yes, dnsdist in front.

> I see that XPF is enabled between dnsdist and the recursor, which likely
> kills the recursor's packet cache. That might explain the bad
> performance results.

Even with a short edns-subnet-whitelist?

> Would you mind sharing your dnsdist configuration as well?

Below

> > If you are setting up a lab env, I certainly would try to use 4.4 or
> > 4.5 (which is in beta) they both contain performance improvememnts.
> 
> And then using the proxy protocol instead of XPF could be a huge
> improvement.

Both 4.4/5 and proxy protocol were on my radar, but my priority was to address the CPU usage.  If there's performance gains to be had in upgrading, I can certainly do that.  Is 4.5GA likely to happen soon?

Mark



Files:

/etc/dnsdist/dnsdist.conf
-------------------------
includeDirectory("/etc/dnsdist/conf.d/")

-- not ideal, but necessary for now
setACL({'0.0.0.0/0', '::/0'})

-- listen interfaces generated automatically on anycast hosts

newServer({address='[::1]:5353', useClientSubnet=true, addXPF=65280, sockets=8})

controlSocket('::1')
-------------------------


/etc/dnsdist/conf.d/listen_ips.conf
-------------------------
addLocal("127.0.0.1")
addLocal("::1")
addLocal("64.50.232.2")
addLocal("64.50.232.17")
addLocal("134.215.200.125")
addLocal("204.246.1.36")
addLocal("216.165.128.161")
addLocal("216.165.129.157")
addLocal("216.170.153.146")
addLocal("2600:3400:4:1::1")
addLocal("24.54.164.30")
addLocal("24.54.164.36")
addLocal("24.56.178.101")
addLocal("74.211.15.210")
addLocal("74.211.51.220")
addLocal("74.211.57.132")
addLocal("74.211.63.200")
addLocal("74.211.89.200")
addLocal("10.4.24.115")
addLocal("2600:3400:4:df16:250:56ff:feae:df16")
addLocal("64.50.242.202")
addLocal("2600:3404:200:1:250:56ff:feae:df16")
addLocal("fe80::250:56ff:feae:df16%ens192")
-------------------------


/etc/dnsdist/conf.d/clientkey.conf
-------------------------
setKey(<redacted>)
-------------------------


More information about the Pdns-users mailing list