auth: Add TTL settings for DNSSECKeeper's caches (key, medatada) #3807

Merged
merged 3 commits into from May 4, 2016

Projects

None yet

4 participants

@rgacogne
Member
rgacogne commented May 3, 2016

No description provided.

@zeha zeha commented on an outdated diff May 3, 2016
pdns/pdnsutil.cc
@@ -120,6 +120,8 @@ void loadMainConfig(const std::string& configdir)
::arg().set("soa-expire-default","Default SOA expire")="604800";
::arg().set("soa-minimum-ttl","Default SOA minimum ttl")="3600";
::arg().set("chroot","Switch to this chroot jail")="";
+ ::arg().set("dns-key-cache-ttl","Seconds to store domain DNS keys in cache")="30";
@zeha
zeha May 3, 2016 Collaborator

that could use a better description... without reading the code change I was unable to understand what this affects.

@Habbie
Member
Habbie commented May 3, 2016

LGTM other than zeha's nit. How about "Seconds to cache DNSSEC keys from the database" ?

@mind04
Contributor
mind04 commented May 3, 2016

And maybe ponder a bit what to do with 0 second ttls. Completely disable the cache like we do for the packet and query cache? Right now a ttl of 0 result in sub second caching for the remaining part of the current second.

@Habbie
Member
Habbie commented May 3, 2016

@mind04 agreed

@rgacogne rgacogne Better description for DNSSECKeeper's cache, 0 disables caching
* Fix the description of the new settings
* Setting a 0-TTL disables caching
* Only get the value once, as it's done for `max-nsec3-iterations`
030850a
@rgacogne
Member
rgacogne commented May 3, 2016

Pushed a new commit:

  • Fix the description of the new settings
  • Setting a 0-TTL disables caching
  • Only get the value once, as it's done for max-nsec3-iterations
@Habbie Habbie merged commit 85ab9a0 into PowerDNS:master May 4, 2016

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
@rgacogne rgacogne deleted the rgacogne:auth-caches-ttl-settings branch May 4, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment