Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cache-min-ttl #1214

Closed
csousougen opened this issue Nov 27, 2019 · 24 comments
Closed

cache-min-ttl #1214

csousougen opened this issue Nov 27, 2019 · 24 comments
Assignees
@szolin
Labels
feature request P3: Medium
Milestone
v0.102

Comments

@csousougen
Copy link

Admins are using using very low DNS TTLs, making caching inefficient.
Could you please add the option to set a minimum TTL value and override the one provided?

Thank you.
@ameshkov
Copy link
Member

Thank you for the feature request! Let's see how many upvotes it gets

@280blocker
Copy link

This is the most voted request in open issues.
I think this feature will reduce the load on AdGuardHome.

@csousougen
Copy link
Author

CoreDNS supports this feature as much as serve_stale and prefetch.
While CoreDNS is overkill for a home system, these feature would make it lighter and save data for mobile users.

@ameshkov ameshkov added this to the v0.102 milestone Jan 6, 2020
@ameshkov
Copy link
Member

ameshkov commented Jan 6, 2020

Assigned to v0.102

@adworacz
Copy link

Since I configure this on dnsmasq or DNSCrypt-proxy currently, I'd like to request the following:

  • cache_size (entries - easier than thinking about bytes)
  • cache_size = 1024
  • cache_min_ttl = 2400
  • cache_max_ttl = 86400
  • cache_neg_min_ttl = 60
  • cache_neg_max_ttl = 600

Those config directives and values are taken from DNSCrypt-proxy: https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Caching

If I had to pick, I'd say that cache_min_ttl and cache_max_ttl are the highest priority (for me), followed by cache_size (entries), and then the *neg* versions of things.

@adworacz
Copy link

Hmm, looks like (unless I'm way off base) the primary ttl/caching logic happens here:
https://github.com/AdguardTeam/dnsproxy/blob/d4772f979c7711d93fa67a1de5bb3f45974226fb/proxy/cache.go#L126-L152

I don't know go much, but I might take a crack at implementing cache_min/max_ttl here. We'll see how free I am this weekend.

@ameshkov
Copy link
Member

ameshkov commented Feb 2, 2020

Yeah, but I am not sure how safe would be to change that method.

Maybe it'd be better to change packResponse which is used before putting DNS queries to the cache:
https://github.com/AdguardTeam/dnsproxy/blob/d4772f979c7711d93fa67a1de5bb3f45974226fb/proxy/cache.go#L197

@adworacz
Copy link

adworacz commented Feb 4, 2020

Ahh okay, I'll take a look at what it will take to update packResponse.

I should be able to find some time in the next few days.

@adworacz
Copy link

adworacz commented Feb 8, 2020

Got a quick version put together, pushed here: https://github.com/adworacz/dnsproxy/tree/minMaxTTL

However, it's still a WIP, as tests still need to be updated, and likely one or two other things (like the README).

@ameshkov
Copy link
Member

ameshkov commented Feb 9, 2020

Cool, the only thing that I don't like are the default values. I suppose by default dnsproxy should not modify what it gets from the DNS server.

@adworacz
Copy link

Cool, the only thing that I don't like are the default values. I suppose by default dnsproxy should not modify what it gets from the DNS server.

Fair enough - I was on the fence about this when I was working on it, so I'll support "unset" options for the min/max ttl, which should fix the existing tests in the process. I'll write a custom test specifically around the ttl overriding.

@adworacz
Copy link

Got unset ttl working, iterating on the tests now.

All existing tests pass, but I wrote a custom one for ttl overrides, and that’s failing currently. I’m looking into the cause (while I learn Go at the same time).

@adworacz
Copy link

Okay got tests working!

My branch is updated (linked above).

I want to update the README to reflect the new CLI options, then I’ll submit a pull request to dnsproxy.

Do y’all prefer squashed commits or are multiple commits in a PR okay?

@ameshkov
Copy link
Member

@adworacz cool, thank you! I'd prefer squashed

@adworacz adworacz mentioned this issue Feb 15, 2020
Closed
@adworacz
Copy link

Pull request for dnsproxy is up: AdguardTeam/dnsproxy#84

For anyone else reading along - this does not mean Adguard Home supports setting TTL's yet. The front end interface needs to be updated, now that the core DNS library has support for setting TTLs.

This was referenced Feb 15, 2020
Closed
Open
@szolin
Copy link
Contributor

szolin commented Feb 18, 2020

Found in dnsmasq's man page:

--neg-ttl=<time>
    Negative replies from upstream servers normally contain time-to-live information in SOA records which dnsmasq uses for caching. If the replies from upstream servers omit this information, dnsmasq does not cache the reply. This option gives a default value for time-to-live (in seconds) which dnsmasq uses to cache negative replies even in the absence of an SOA record. 
--max-ttl=<time>
    Set a maximum TTL value that will be handed out to clients. The specified maximum TTL will be given to clients instead of the true TTL value if it is lower. The true TTL value is however kept in the cache to avoid flooding the upstream DNS servers. 
--max-cache-ttl=<time>
    Set a maximum TTL value for entries in the cache. 
--min-cache-ttl=<time>
    Extend short TTL values to the time given when caching them. Note that artificially extending TTL values is in general a bad idea, do not do it unless you have a good reason, and understand what you are doing. Dnsmasq limits the value of this option to one hour, unless recompiled.

Interesting that dnsmasq warns users when they use min-cache-ttl as something may break; also they limit this value to one hour - should we do the same?

@ameshkov
Copy link
Member

Yes, I think limiting it is reasonable

@ghost ghost mentioned this issue Feb 18, 2020
Open
@adworacz
Copy link

Hmm okay, I can do that. Where’s the best place to store the constant representing the max?

And do we want a simple min() call, passing in the two values, or more official validation?

@szolin
Copy link
Contributor

szolin commented Feb 20, 2020

As this is just one Go package - you can simply add a new constant to the const section at the top in proxy.go.

I don't think we should warn user if he uses a value larger than our limit, so a simple min() will suffice.

@ameshkov
Copy link
Member

We should warn in the help text, though

@adworacz
Copy link

adworacz commented Feb 20, 2020
edited
Loading

Roger roger - I'll work on these updates (still without a proper go install on this laptop, will be on a better laptop soon).

Update: I've added the cap, and associated help text. There's a few open questions on the pull request. Once those have been answered, I'll post a new revision.

@ameshkov ameshkov mentioned this issue Apr 8, 2020
Closed
@szolin szolin mentioned this issue Apr 16, 2020
Closed
@lordraiden
Copy link

@adworacz @ameshkov
By default the values are for ttl min and max are 0. What is the behabiour in this case? In my log I see different ttl values for each domain, how are these defined?

Do you plan to add a place in the interface to edit this? Something like the advaced settings of pfsense
imagen

@ameshkov
Copy link
Member

@lordraiden there's a task for that: #1587

@lhzw
Copy link

lhzw commented Sep 12, 2020

Er, I don't like the limit of min-cache-ttl, we should believe our users can do the right thing, just like linux.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@szolin szolin

Labels
feature request P3: Medium
Projects
None yet
Milestone
v0.102
Development

No branches or pull requests
7 participants
@adworacz @ameshkov @csousougen @lordraiden @lhzw @szolin @280blocker