[FR] Ability to use Redis unix sockets

[alpominth]

Redis has two options for setting communication over unix sockets:

unixsocket /var/lib/redis/redis-server.sock
unixsocketperm 700

Such a feature would be useful as unix sockets have a better throughput than AF_INET/AF_INET6 sockets.

[wcawijngaards]

The commits add the option redis-server-path: "/var/lib/redis/redis-server.sock" and if you set this it should work. Could you test this? It calls the unix socket redis context setup routine when the option is set. With timeout, from the redis-timeout option.

[alpominth]

Configuration:

server:
  interface: 127.0.0.1
  interface: ::1
  port: 1053
  cache-max-ttl: 5184000
  cache-min-ttl: 5184000
  cache-max-negative-ttl: 604800
  val-bogus-ttl: 0
  delay-close: 10000
  chroot: ""
  username: permcache
  directory: ""
  pidfile: ""
  do-not-query-localhost: no
  module-config: "validator cachedb iterator"

cachedb:
  backend: redis
  redis-server-path: "/dev/shm/sock1"
  redis-timeout: 5000

forward-zone:
  name: "."
  forward-addr: ::1@10053

/\ [::1]:10053 is the port of my local DNSCrypt.

# time dig @127.0.0.1 -p 1053 startpage.com
; <<>> DiG 9.18.10-2-Debian <<>> @127.0.0.1 -p 1053 startpage.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62091
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;startpage.com.			IN	A
;; ANSWER SECTION:
startpage.com.		5184000	IN	A	37.0.87.15
;; Query time: 307 msec
;; SERVER: 127.0.0.1#1053(127.0.0.1) (UDP)
;; WHEN: Mon Jan 23 05:00:01 EST 2023
;; MSG SIZE  rcvd: 58
real	0m0.328s
user	0m0.004s
sys	0m0.007s

# /dev/shm/unbound-master/unbound -dd -c /dev/shm/u1.conf 
[1674468066] unbound[1502628:0] notice: init module 0: validator
[1674468066] unbound[1502628:0] notice: init module 1: cachedb
[1674468066] unbound[1502628:0] warning: cachedb: serve-expired-reply-ttl is set but not working for data originating from the external cache; 0 TLL is used for those.
[1674468066] unbound[1502628:0] notice: init module 2: iterator
[1674468066] unbound[1502628:0] info: start of service (unbound 1.17.2).
^C[1674468075] unbound[1502628:0] info: service stopped (unbound 1.17.2).
[1674468075] unbound[1502628:0] info: server stats for thread 0: 0 queries, 0 answers from cache, 0 recursions, 0 prefetch, 0 rejected by ip ratelimiting
[1674468075] unbound[1502628:0] info: server stats for thread 0: requestlist max 0 avg 0 exceeded 0 jostled 0

# /dev/shm/unbound-master/unbound -dd -c /dev/shm/u1.conf 
[1674468095] unbound[1504185:0] notice: init module 0: validator
[1674468095] unbound[1504185:0] notice: init module 1: cachedb
[1674468095] unbound[1504185:0] warning: cachedb: serve-expired-reply-ttl is set but not working for data originating from the external cache; 0 TLL is used for those.
[1674468095] unbound[1504185:0] notice: init module 2: iterator
[1674468095] unbound[1504185:0] info: start of service (unbound 1.17.2).

# time dig @127.0.0.1 -p 1053 startpage.com
; <<>> DiG 9.18.10-2-Debian <<>> @127.0.0.1 -p 1053 startpage.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15159
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;startpage.com.			IN	A
;; ANSWER SECTION:
startpage.com.		5183862	IN	A	37.0.87.15
;; Query time: 2 msec
;; SERVER: 127.0.0.1#1053(127.0.0.1) (UDP)
;; WHEN: Mon Jan 23 05:02:19 EST 2023
;; MSG SIZE  rcvd: 58
real	0m0.021s
user	0m0.008s
sys	0m0.003s

===========================================

It's fully working, as you can see, the cache persists across invocations of Unbound.

[alpominth]

If it isn't asking too much, could you implement ability to specify the Redis password? ===> #833

[gthess]

Hi @alpominth, #833 is now addressed on the master branch. Could you try and report if it works for you on the issue?