pdns/auth-packetcache.cc

   1 /*
   2  * This file is part of PowerDNS or dnsdist.
   3  * Copyright -- PowerDNS.COM B.V. and its contributors
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * In addition, for the avoidance of any doubt, permission is granted to
  10  * link this program with OpenSSL and to (re)distribute the binaries
  11  * produced as the result of such linking.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  21  */
  22 #ifdef HAVE_CONFIG_H
  23 #include "config.h"
  24 #endif
  25 #include "auth-packetcache.hh"
  26 #include "logger.hh"
  27 #include "statbag.hh"
  28 #include "cachecleaner.hh"
  29 extern StatBag S;
  30
  31 const unsigned int AuthPacketCache::s_mincleaninterval, AuthPacketCache::s_maxcleaninterval;
  32
  33 AuthPacketCache::AuthPacketCache(size_t mapsCount): d_maps(mapsCount), d_lastclean(time(nullptr))
  34 {
  35   S.declare("packetcache-hit", "Number of hits on the packet cache");
  36   S.declare("packetcache-miss", "Number of misses on the packet cache");
  37   S.declare("packetcache-size", "Number of entries in the packet cache");
  38   S.declare("deferred-packetcache-inserts","Amount of packet cache inserts that were deferred because of maintenance");
  39   S.declare("deferred-packetcache-lookup","Amount of packet cache lookups that were deferred because of maintenance");
  40
  41   d_statnumhit=S.getPointer("packetcache-hit");
  42   d_statnummiss=S.getPointer("packetcache-miss");
  43   d_statnumentries=S.getPointer("packetcache-size");
  44 }
  45
  46 AuthPacketCache::~AuthPacketCache()
  47 {
  48   try {
  49     vector<WriteLock*> locks;
  50     for(auto& mc : d_maps) {
  51       locks.push_back(new WriteLock(&mc.d_mut));
  52     }
  53     for(auto wl : locks) {
  54       delete wl;
  55     }
  56   }
  57   catch(...) {
  58   }
  59 }
  60
  61 bool AuthPacketCache::get(DNSPacket& p, DNSPacket& cached)
  62 {
  63   if(!d_ttl) {
  64     return false;
  65   }
  66
  67   cleanupIfNeeded();
  68
  69   uint32_t hash = canHashPacket(p.getString());
  70   p.setHash(hash);
  71
  72   string value;
  73   bool haveSomething;
  74   time_t now = time(nullptr);
  75   auto& mc = getMap(p.qdomain);
  76   {
  77     TryReadLock rl(&mc.d_mut);
  78     if(!rl.gotIt()) {
  79       S.inc("deferred-packetcache-lookup");
  80       return false;
  81     }
  82
  83     haveSomething = getEntryLocked(mc.d_map, p.getString(), hash, p.qdomain, p.qtype.getCode(), p.d_tcp, now, value);
  84   }
  85
  86   if (!haveSomething) {
  87     (*d_statnummiss)++;
  88     return false;
  89   }
  90
  91   if(cached.noparse(value.c_str(), value.size()) < 0) {
  92     return false;
  93   }
  94
  95   (*d_statnumhit)++;
  96   cached.spoofQuestion(p); // for correct case
  97   cached.qdomain = p.qdomain;
  98   cached.qtype = p.qtype;
  99
 100   return true;
 101 }
 102
 103 bool AuthPacketCache::entryMatches(cmap_t::index<HashTag>::type::iterator& iter, const std::string& query, const DNSName& qname, uint16_t qtype, bool tcp)
 104 {
 105   return iter->tcp == tcp && iter->qtype == qtype && iter->qname == qname && queryMatches(iter->query, query, qname);
 106 }
 107
 108 void AuthPacketCache::insert(DNSPacket& q, DNSPacket& r, unsigned int maxTTL)
 109 {
 110   if(!d_ttl) {
 111     return;
 112   }
 113
 114   cleanupIfNeeded();
 115
 116   if (ntohs(q.d.qdcount) != 1) {
 117     return; // do not try to cache packets with multiple questions
 118   }
 119
 120   if (q.qclass != QClass::IN) // we only cache the INternet
 121     return;
 122
 123   uint32_t ourttl = std::min(d_ttl, maxTTL);
 124   if (ourttl == 0) {
 125     return;
 126   }
 127
 128   uint32_t hash = q.getHash();
 129   time_t now = time(nullptr);
 130   CacheEntry entry;
 131   entry.hash = hash;
 132   entry.created = now;
 133   entry.ttd = now + ourttl;
 134   entry.qname = q.qdomain;
 135   entry.qtype = q.qtype.getCode();
 136   entry.value = r.getString();
 137   entry.tcp = r.d_tcp;
 138   entry.query = q.getString();
 139
 140   auto& mc = getMap(entry.qname);
 141   {
 142     TryWriteLock l(&mc.d_mut);
 143     if (!l.gotIt()) {
 144       S.inc("deferred-packetcache-inserts");
 145       return;
 146     }
 147
 148     auto& idx = mc.d_map.get<HashTag>();
 149     auto range = idx.equal_range(hash);
 150     auto iter = range.first;
 151
 152     for( ; iter != range.second ; ++iter)  {
 153       if (!entryMatches(iter, entry.query, entry.qname, entry.qtype, entry.tcp)) {
 154         continue;
 155       }
 156
 157       iter->value = entry.value;
 158       iter->ttd = now + ourttl;
 159       iter->created = now;
 160       return;
 161     }
 162
 163     /* no existing entry found to refresh */
 164     mc.d_map.insert(entry);
 165     (*d_statnumentries)++;
 166   }
 167 }
 168
 169 bool AuthPacketCache::getEntryLocked(cmap_t& map, const std::string& query, uint32_t hash, const DNSName &qname, uint16_t qtype, bool tcp, time_t now, string& value)
 170 {
 171   auto& idx = map.get<HashTag>();
 172   auto range = idx.equal_range(hash);
 173
 174   for(auto iter = range.first; iter != range.second ; ++iter)  {
 175     if (iter->ttd < now) {
 176       continue;
 177     }
 178
 179     if (!entryMatches(iter, query, qname, qtype, tcp)) {
 180       continue;
 181     }
 182
 183     value = iter->value;
 184     return true;
 185   }
 186
 187   return false;
 188 }
 189
 190 /* clears the entire cache. */
 191 uint64_t AuthPacketCache::purge()
 192 {
 193   if(!d_ttl) {
 194     return 0;
 195   }
 196
 197   d_statnumentries->store(0);
 198
 199   return purgeLockedCollectionsVector(d_maps);
 200 }
 201
 202 uint64_t AuthPacketCache::purgeExact(const DNSName& qname)
 203 {
 204   auto& mc = getMap(qname);
 205   uint64_t delcount = purgeExactLockedCollection<NameTag>(mc, qname);
 206
 207   *d_statnumentries -= delcount;
 208
 209   return delcount;
 210 }
 211
 212 /* purges entries from the packetcache. If match ends on a $, it is treated as a suffix */
 213 uint64_t AuthPacketCache::purge(const string &match)
 214 {
 215   if(!d_ttl) {
 216     return 0;
 217   }
 218
 219   uint64_t delcount = 0;
 220
 221   if(ends_with(match, "$")) {
 222     delcount = purgeLockedCollectionsVector<NameTag>(d_maps, match);
 223     *d_statnumentries -= delcount;
 224   }
 225   else {
 226     delcount = purgeExact(DNSName(match));
 227   }
 228
 229   return delcount;
 230 }
 231
 232 void AuthPacketCache::cleanup()
 233 {
 234   uint64_t maxCached = d_maxEntries;
 235   uint64_t cacheSize = *d_statnumentries;
 236   uint64_t totErased = 0;
 237
 238   totErased = pruneLockedCollectionsVector<SequencedTag>(d_maps, maxCached, cacheSize);
 239   *d_statnumentries -= totErased;
 240
 241   DLOG(g_log<<"Done with cache clean, cacheSize: "<<(*d_statnumentries)<<", totErased"<<totErased<<endl);
 242 }
 243
 244 /* the logic:
 245    after d_nextclean operations, we clean. We also adjust the cleaninterval
 246    a bit so we slowly move it to a value where we clean roughly every 30 seconds.
 247
 248    If d_nextclean has reached its maximum value, we also test if we were called
 249    within 30 seconds, and if so, we skip cleaning. This means that under high load,
 250    we will not clean more often than every 30 seconds anyhow.
 251 */
 252
 253 void AuthPacketCache::cleanupIfNeeded()
 254 {
 255   if (d_ops++ == d_nextclean) {
 256     time_t now = time(nullptr);
 257     int timediff = max((int)(now - d_lastclean), 1);
 258
 259     DLOG(g_log<<"cleaninterval: "<<d_cleaninterval<<", timediff: "<<timediff<<endl);
 260
 261     if (d_cleaninterval == s_maxcleaninterval && timediff < 30) {
 262       d_cleanskipped = true;
 263       d_nextclean += d_cleaninterval;
 264
 265       DLOG(g_log<<"cleaning skipped, timediff: "<<timediff<<endl);
 266
 267       return;
 268     }
 269
 270     if(!d_cleanskipped) {
 271       d_cleaninterval=(int)(0.6*d_cleaninterval)+(0.4*d_cleaninterval*(30.0/timediff));
 272       d_cleaninterval=std::max(d_cleaninterval, s_mincleaninterval);
 273       d_cleaninterval=std::min(d_cleaninterval, s_maxcleaninterval);
 274
 275       DLOG(g_log<<"new cleaninterval: "<<d_cleaninterval<<endl);
 276     } else {
 277       d_cleanskipped = false;
 278     }
 279
 280     d_nextclean += d_cleaninterval;
 281     d_lastclean=now;
 282     cleanup();
 283   }
 284 }