dnsdist: Send cache-control headers #8586

Closed
rgacogne opened this issue Nov 27, 2019 · 4 comments · Fixed by #8762

Comments


@rgacogne rgacogne commented Nov 27, 2019

  • Program: dnsdist
  • Issue type: Feature request

Short description

As reported by Stéphane Bortzmeyer on the mailing list, dnsdist should be able to set cache-control headers, as described in section 5.1 "Cache interaction" of RFC 8484.
This would require parsing the response to extract the lowest TTL, which we try not to do by default for performance reasons, so perhaps that should be optional.


@bortzmeyer bortzmeyer commented Nov 29, 2019

I'm curious. If dnsdist does not parse replies to get the TTL, how does it manage its internal cache? How does it know how long to keep answers?


@phonedph1 phonedph1 commented Nov 29, 2019

I think the implication is the DoH layer gets just the response data back that it then sends back off to the client, and that either needs to extract the TTL (again) or the DoH layer needs to get the response data plus some meta data on the response as well.


@bortzmeyer bortzmeyer commented Nov 30, 2019

> or the DoH layer needs to get the response data plus some meta data on the response as well.

OK, thanks for the explanation, I think I have to read the code.


@rgacogne rgacogne commented Dec 2, 2019

The short answer is that the lowest TTL is computed by parsing the answer only when it is first inserted in the cache. We also update the TTLs on a cache hit so technically we could retrieve the lowest TTL at that time, but we currently don't.
Still, this information is not passed to the DoH layer, so we would have to either do the parsing again or store it in the DNSQuestion object and pass it along. It's also a bit more complicated by the fact that there simply might not be any cache enabled, so if we decided to pass it along, we would also need to handle the case where the lowest TTL has not been computed yet.
IMHO we should do the easiest option first and always compute the lowest TTL at the DoH layer, even if we already computed it at the caching layer. I would be inclined to make the cache-control headers optional so that the parsing can be skipped, but it might not be worth the additional complexity.
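
The computation discussed in this thread, as an added example (not dnsdist's code and not written by any participant): it walks a DNS wire-format response with bounds checks, takes the lowest TTL of the Answer section, which RFC 8484 section 5.1 uses as the upper bound for the HTTP freshness lifetime, and formats it as a `Cache-Control` value. The function names and the sample packet are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <optional>
#include <string>
#include <vector>
using Packet = std::vector<uint8_t>;
// Skip one encoded name starting at pos; false if truncated or malformed.
static bool skipName(const Packet& p, size_t& pos) {
  while (pos < p.size()) {
    uint8_t len = p[pos];
    if ((len & 0xC0) == 0xC0) { pos += 2; return pos <= p.size(); } // compression pointer
    if (len & 0xC0) return false;   // reserved label type
    pos += 1 + len;
    if (len == 0) return true;      // root label ends the name
  }
  return false;
}
static uint32_t rd(const Packet& p, size_t pos, int n) { // big-endian, bounds checked by caller
  uint32_t v = 0;
  while (n-- > 0) v = (v << 8) | p[pos++];
  return v;
}
// Lowest TTL in the Answer section; nullopt if there are no answers or the packet is malformed.
std::optional<uint32_t> lowestAnswerTTL(const Packet& p) {
  if (p.size() < 12) return std::nullopt;          // fixed DNS header
  uint32_t qd = rd(p, 4, 2), an = rd(p, 6, 2);     // QDCOUNT, ANCOUNT
  size_t pos = 12;
  std::optional<uint32_t> lowest;
  for (uint32_t i = 0; i < qd + an; ++i) {
    size_t fixed = i < qd ? 4 : 10; // question: type+class; RR: type+class+ttl+rdlength
    if (!skipName(p, pos) || p.size() - pos < fixed) return std::nullopt;
    pos += fixed;
    if (i < qd) continue;
    uint32_t ttl = rd(p, pos - 6, 4);
    size_t rdlen = rd(p, pos - 2, 2);
    if (p.size() - pos < rdlen) return std::nullopt;
    pos += rdlen;
    if (!lowest || ttl < *lowest) lowest = ttl;
  }
  return lowest;
}
// Cache-Control value for the DoH response; an empty string means "send no header".
std::string cacheControlFor(const Packet& p) {
  auto ttl = lowestAnswerTTL(p);
  return ttl ? "max-age=" + std::to_string(*ttl) : std::string();
}
// Constructed sample: response for example.com A with two answers, TTL 300 and TTL 60.
const Packet kSample = {0x12,0x34,0x81,0x80,0,1,0,2,0,0,0,0, 7,'e','x','a','m','p','l','e',
  3,'c','o','m',0, 0,1,0,1, 0xC0,0x0C,0,1,0,1,0,0,0x01,0x2C,0,4,192,0,2,1,
  0xC0,0x0C,0,1,0,1,0,0,0x00,0x3C,0,4,192,0,2,2};
```

A malformed or truncated response yields no header at all rather than a guessed lifetime, so a downstream HTTP cache never stores an answer longer than its records allow.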
