Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make dnsdist dynamic truncate do right thing on TCP/IP #5647

Merged
merged 3 commits into from Aug 28, 2017
Merged

Make dnsdist dynamic truncate do right thing on TCP/IP #5647

merged 3 commits into from Aug 28, 2017

Conversation

ahupowerdns
Copy link
Contributor

@ahupowerdns ahupowerdns commented Aug 24, 2017
edited

Winfried noted that our new dynamic truncation rule worked fine on UDP, but on TCP/IP a truncate would be converted into a drop, which was not the intended effect.
This commit makes dynamic truncate a NOOP on TCP.

Short description

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled and tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)
  • checked that this code was merged to master

@ahupowerdns
Make dnsdist dynamic truncate do right thing on TCP/IP
8477236 
Winfried noted that our new dynamic truncation rule worked fine on UDP, but on TCP/IP a truncate would be converted into a drop, which was not the intended effect.
This commit makes dynamic truncate a NOOP on TCP.
@ahupowerdns
Copy link
Contributor Author

Note: there is already a test that should have caught this bug. However, that test did not function it appears. Still investigating.

@ahupowerdns
Copy link
Contributor Author

test_DynBlocks.py:TestDynBlockQPSActionTruncated.testDynBlocksQRate

pieterlexis
pieterlexis approved these changes Aug 25, 2017
View reviewed changes
Copy link
Contributor

@pieterlexis pieterlexis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 nits, 2 questions. Test and code look as advertised in the PR 👍

pdns/dnsdist.cc
dq.dh->qr = true;
return true;
}
else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Personally, I am not a fan superfluous else statements. As there is already a return in the body of the if.

pdns/dnsdist.cc
}
else {
vinfolog("Query from %s for %s over TCP *not* truncated because of dynamic block", dq.remote->toStringWithPort(), dq.qname->toString());
}
}
else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this block also do

g_stats.dynBlocked++;
got->blocks++;

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See above.

pdns/dnsdist.cc
else {
vinfolog("Query from %s for %s over TCP *not* truncated because of dynamic block", dq.remote->toStringWithPort(), dq.qname->toString());
}

}
else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this block also do

g_stats.dynBlocked++;
got->blocks++;

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, it precisely should not do that - on TCP "truncate" does nothing.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is in the 'dropped' block

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good catch, redoing.

pdns/dnsdist.cc
dq.dh->qr = true;
return true;
}
else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Personally, I am not a fan superfluous else statements. As there is already a return in the body of the if.

@ahupowerdns ahupowerdns merged commit 9600dfc into PowerDNS:master Aug 28, 2017
rgacogne added a commit to rgacogne/pdns that referenced this pull request Feb 13, 2018
@rgacogne
Backport PowerDNS#5647
c5c99bb
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pieterlexis pieterlexis pieterlexis approved these changes

Assignees
No one assigned
Labels
dnsdist enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ahupowerdns @pieterlexis @aerique