CNAME resolution support for the recursor.#2339
Conversation
|
The Maybe you missed something to commit? |
marcus0x62
force-pushed
the
recursor_cname
branch
5 times, most recently
from
0360c63 to
2e43a49
Compare
marcus0x62
requested review from
bluejekyll,
djc,
japaric,
listochkin and
pvdrz
as code owners
|
Is it possible for us to reuse the logic here in the caching_client for this? There's a lot of annoying details with CNAME recursion and other record types that also need to be resolved like CNAME. https://github.com/hickory-dns/hickory-dns/blob/main/crates/resolver/src/caching_client.rs#L336-L472 |
|
@bluejekyll I've been looking into this today, and while I need to do some more research, the first challenge I see is I don't think the record caching behavior (bundling the entire cname chain as one cache entry with the TTL set to the smallest TTL from the chain) is going to be optimal for the recursor, where having the records from the chain cached individually and according to the individual record TTL would be valuable/more efficient. As one example, a lot of CDN intermediate records are generic and will be used across multiple domains. Secondly, and while it isn't necessarily a "problem" for the recursor (in terms of not working,) the caching client CNAME implementation seems to be built around the idea that CNAME chains will be returned more or less complete and that encountering a partial CNAME chain is the exception to be handled at the end , whereas the recursor implementation is the opposite - it expects to not get the full chain and early in its loop kicks off a search for missing links. |
marcus0x62
force-pushed
the
recursor_cname
branch
2 times, most recently
from
9bab1a3 to
f7ef5cd
Compare
djc
left a comment
djc
left a comment
There was a problem hiding this comment.
LGTM overall, some small suggestions.
marcus0x62
force-pushed
the
recursor_cname
branch
3 times, most recently
from
a6efdcc to
e3e99ad
Compare
marcus0x62
force-pushed
the
recursor_cname
branch
from
e3e99ad to
456ba54
Compare
I wonder if we can create a method for doing this that would be reusable? The CachingClient implementation will issue additional requests if the chain is incomplete, fwiw. What I'm worried about is that we're going to have to maintain two different areas of code that will have nuances around CNAME, HTTPS, SVCB, etc, records. I'd love it if we could have that logic abstracted. If not part of this PR, maybe something in the future. |
marcus0x62
force-pushed
the
recursor_cname
branch
from
456ba54 to
f5e7bc1
Compare
I think that's doable, but I'd like to tackle it as a separate effort. Another thing that probably makes sense to unify is the DNSSEC post-processing we're doing in both places. The differences in caching behavior can probably be eliminated - it doesn't seem critical for the caching client to store the entire CNAME chain as a single record. The other big difference is the working copy of the response records at the time of CNAME resolution is in a DnsResponse on the caching client side and a LookupResult on the recursor side. I think that could be abstracted, or the CNAME resolution on the recursor side could be moved into lookup instead of resolve... |
marcus0x62
force-pushed
the
recursor_cname
branch
from
0d45cb6 to
7c7b4c6
Compare
marcus0x62
force-pushed
the
recursor_cname
branch
3 times, most recently
from
98234dd to
41742aa
Compare
github-merge-queue
Bot
removed this pull request from the merge queue due to failed status checks
github-merge-queue
Bot
removed this pull request from the merge queue due to failed status checks
…sor CNAME mechanism to add records to an existing lookup
marcus0x62
force-pushed
the
recursor_cname
branch
from
41742aa to
ee85315
Compare
4 participants
This PR adds support for CNAME resolution to the recursor, along with a set of related changes: