Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Add a function to set the UDP recv/snd buffer sizes #11008

Merged
merged 5 commits into from Nov 22, 2021

Conversation

rgacogne
Copy link
Member

@rgacogne rgacogne commented Nov 18, 2021

Short description

And raise them to 16777216 by default. Although perhaps we should only do that on Linux?

This PR also refactors the functions duplicated in the recursor, calidns and dnsreplay and therefore impacts the auth and the rec.

Closes #10898.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

@@ -3744,7 +3722,12 @@ static void makeUDPServerSockets(deferredAdd_t& deferredAdds)

setCloseOnExec(fd);

setSocketReceiveBuffer(fd, 250000);
try {
setSocketReceiveBuffer(fd, 25000);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this value supposed to change from before?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not at all, thanks a lot!

Copy link
Member

@omoerbeek omoerbeek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A nit for the OpenBSD case.

pdns/dnsdist.cc Outdated
@@ -141,6 +141,8 @@ bool g_servFailOnNoPolicy{false};
bool g_truncateTC{false};
bool g_fixupCase{false};
bool g_dropEmptyQueries{false};
uint32_t g_socketUDPSendBuffer{16777216};
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is quite greedy, on OpenBSD:

Unable to raise socket buffer size to 16777216: No buffer space available
Unable to raise socket buffer size to 16777216: No buffer space available

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, I was afraid of something like that. I now see that the default on Linux is likely smaller than that on most distributions (212992 on x86_64, 163840 on 32 bits). So I see three options:

  • a smaller default value, like the recursor does, perhaps 160k?
  • default value of 0 so we keep the system default
  • default value of 0 except for Linux, where we set something like 200k?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

250000 works on OpenBSD. so a default of that (or smaller) for dnsdist would work for me

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On all Linux distributions I checked, rmem_default == rmem_max and wmem_default == wmem_max by default, so we would not be able to raise the value. So I guess doing nothing by default makes more sense, and the administrator can set higher values if needed.

@omoerbeek
Copy link
Member

omoerbeek commented Nov 19, 2021

The failing recursor regression tests seem to fail to start the auth... ??

@github-actions
Copy link

github-actions bot commented Nov 19, 2021

@check-spelling-bot Report

Unrecognized words, please review:

  • rmem
  • wmem
To accept these unrecognized words as correct, run the following commands

... in a clone of the git@github.com:rgacogne/pdns.git repository
on the ddist-raise-socket-buffers branch:

update_files() {
perl -e '
my $new_expect_file=".github/actions/spell-check/expect.txt";
use File::Path qw(make_path);
use File::Basename qw(dirname);
make_path (dirname($new_expect_file));
open FILE, q{<}, $new_expect_file; chomp(my @words = <FILE>); close FILE;
my @add=qw('"$patch_add"');
my %items; @items{@words} = @words x (1); @items{@add} = @add x (1);
@words = sort {lc($a)."-".$a cmp lc($b)."-".$b} keys %items;
open FILE, q{>}, $new_expect_file; for my $word (@words) { print FILE "$word\n" if $word =~ /\w/; };
close FILE;
system("git", "add", $new_expect_file);
'
}

comment_json=$(mktemp)
curl -L -s -S \
  --header "Content-Type: application/json" \
  "https://api.github.com/repos/PowerDNS/pdns/issues/comments/974104137" > "$comment_json"
comment_body=$(mktemp)
jq -r .body < "$comment_json" > $comment_body
rm $comment_json

patch_add=$(perl -e '$/=undef;
$_=<>;
s{<details>.*}{}s;
s{^#.*}{};
s{\n##.*}{};
s{(?:^|\n)\s*\*}{}g;
s{\s+}{ }g;
print' < "$comment_body")
  
update_files
rm $comment_body
git add -u
If the flagged items do not appear to be text

If items relate to a ...

  • well-formed pattern.

    If you can write a pattern that would match it,
    try adding it to the patterns.txt file.

    Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.

    Note that patterns can't match multiline strings.

  • binary file.

    Please add a file path to the excludes.txt file matching the containing file.

    File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.

    ^ refers to the file's path from the root of the repository, so ^README\.md$ would exclude README.md (on whichever branch you're using).

Copy link
Member

@omoerbeek omoerbeek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now wondering why rec only sets the receive buffer size and not the send buffer size. A peak in incoming request normally also leaks to a peak in replies I would say. But that's a different issue.

@rgacogne
Copy link
Member Author

Now wondering why rec only sets the receive buffer size and not the send buffer size. A peak in incoming request normally also leaks to a peak in replies I would say.

Agreed. The good news is that raising net.core.wmem_default is enough to fix that, but it would be nice to do it by default.

@rgacogne rgacogne merged commit 80a863c into PowerDNS:master Nov 22, 2021
@rgacogne rgacogne deleted the ddist-raise-socket-buffers branch November 22, 2021 08:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

dnsdist: Ponder automatically raising SO_RCVBUF/SO_SNDBUF
3 participants