-
-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FR] Use kernel timestamps for dnstap #888
Comments
Hi Robert, I have implemented the feature in the commit. It changes the kernel timestamp handling, so that the timestamp is not modified by the checking code, it is left as it was when the packet entered. The wait_queue_time that is calculated is used instead to measure if the packet needs to be dropped. Then the kernel timestamp is passed to dnstap, and if such a timestamp is available that is used for logging the client queries. I hope this provides more accurate time information! The commit is part of the code repository. |
* nlnet/master: (39 commits) - Fix unbound-dnstap-socket time fraction conversion for printout. - Fix unbound-dnstap-socket printout when no query is present. - Fix to remove unused variables from RPZ clientip data structure. - Fix RPZ removal of client-ip, nsip, nsdname triggers from IXFR. - Fix to print debug log for ancillary data with correct IP address. - Fix NLnetLabs#888: [FR] Use kernel timestamps for dnstap. - Fix warning in windows compile, in set_recvtimestamp. - Fix doxygen in addr_to_nat64 header definition. - Fix to remove unused whitespace from acx_nlnetlabs.m4 and config.h. - Fix NLnetLabs#885: Error: util/configlexer.c: No such file or directory, adds error messages explaining to install flex and bison. Changelog entry for NLnetLabs#722: - Merge NLnetLabs#722 from David 'eqvinox' Lamparter: NAT64 support. - For NLnetLabs#722: minor fixes, formatting, refactoring. - For NLnetLabs#722: Minor fixes, formatting and refactoring. - Fix RPZ IP responses with trigger rpz-drop on cache entries, that they are dropped. Changelog for NLnetLabs#860 Remove msg_del_for_0ttl, call msg_cache_remove directly - Fix for NLnetLabs#882: document variable to stop doxygen warning. - Fix for NLnetLabs#882: small changes, date updated in Copyright for util/timeval_func.c and util/timeval_func.h. Man page entries and example entry. stats: add query max wait time metric stats: add counter for timed out queries config: add sock_queue_timeout configuration ...
Hey @wcawijngaards @vvfedorenko, I see support was added for kernel timestamping of client queries in #882. Looks like it's conditionally enabled only if the new
sock_queue_timeout
option is enabled?Any chance the kernel timestamp could be enabled and used (if available) instead of re-fetching the timestamp in the dnstap code?
unbound/dnstap/dnstap.c
Line 396 in 1fb78af
The dnstap code is going to run some time after the client query packet hits the machine, potentially after many context switches, etc., so the accuracy of the dnstap timestamp can certainly suffer if the query is being re-timestamped after getting the packet from the kernel.
Thanks!
The text was updated successfully, but these errors were encountered: