Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dnsdist, auth, rec: EDNS COOKIE option busts packet cache? #5131

Closed
edmonds opened this issue Mar 9, 2017 · 6 comments · Fixed by #8993
Closed

dnsdist, auth, rec: EDNS COOKIE option busts packet cache? #5131

edmonds opened this issue Mar 9, 2017 · 6 comments · Fixed by #8993
Labels
auth dnsdist feature request rec
Milestone
dnsdist-1.6.0

Comments

@edmonds
Copy link
Contributor

edmonds commented Mar 9, 2017

Hi,

I noticed that with a packet cache enabled:

pc = newPacketCache(10000, 86400, 0, 60, 60)
getPool(""):setCache(pc)

When I queried this dnsdist server with dig 9.11, the result was always a cache miss, unless I specified +nocookie to dig. It looks like dnsdist doesn't support the EDNS COOKIE option, so a query with a COOKIE will always bust the packet cache.

This is with the dnsdist Debian package version 1.1.0-2.
@rgacogne
Copy link
Member

Hi!

You are right, the packet cache currently hashes the whole query so a query with a cookie will almost never match an existing entry. We should skip the actual cookie content while hashing the query, but I haven't gotten around to it.

@Habbie Habbie added this to the dnsdist-1.2.0 milestone Mar 21, 2017
@rgacogne rgacogne modified the milestones: dnsdist-1.3.0, dnsdist-1.2.0 Aug 3, 2017
@Habbie Habbie added the auth label Oct 6, 2017
@Habbie
Copy link
Member

Habbie commented Oct 6, 2017

Auth (as of 4.1.0-RC1) has the same issue in the packetcache.

@Habbie Habbie changed the title dnsdist: EDNS COOKIE option busts packet cache? dnsdist, auth: EDNS COOKIE option busts packet cache? Oct 6, 2017
@Habbie Habbie added the rec label Oct 6, 2017
@Habbie Habbie changed the title dnsdist, auth: EDNS COOKIE option busts packet cache? dnsdist, auth, rec: EDNS COOKIE option busts packet cache? Oct 6, 2017
@rgacogne rgacogne modified the milestones: dnsdist-1.3.0, dnsdist-1.4.0 Mar 27, 2018
@ahupowerdns
Copy link
Contributor

As a datapoint, we received a report from an authoritative users of dnsdist that the cache hitrate is going down because of more and more EDNS cookies coming in.

@rgacogne rgacogne modified the milestones: dnsdist-1.4.0, dnsdist-1.5.0 Apr 10, 2019
@danielgriggs
Copy link

It would be nice to get a fix for this.

@cbuijs
Copy link

cbuijs commented Aug 15, 2019

Any updates on this? I don't noticed any improvement in 1.4.0 on this?

@rgacogne
Copy link
Member

No, the packet cache in 1.4.0 is still hashing the whole query.

@rgacogne rgacogne mentioned this issue Nov 5, 2019
Closed
@rgacogne rgacogne modified the milestones: dnsdist-1.5.0, dnsdist-1.6.0 Feb 11, 2020
@rgacogne rgacogne mentioned this issue Apr 2, 2020
Merged
7 tasks
@rootwyrm rootwyrm mentioned this issue Jul 2, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auth dnsdist feature request rec
Projects
None yet
Milestone
dnsdist-1.6.0
Development

Successfully merging a pull request may close this issue.

Skip EDNS Cookies in the packet cache rgacogne/pdns
6 participants
@edmonds @Habbie @rgacogne @ahupowerdns @cbuijs @danielgriggs