Implement setting and rewrite the unThrottle logic a bit

diff --git a/pdns/recursordist/rec-main.cc b/pdns/recursordist/rec-main.cc
index 09bf5acf8dd5943518bd0b4677c49ad3d40fa705..43d125f236b01ec41aff0462f6e2e6c004701fb6 100644 (file)
--- a/pdns/recursordist/rec-main.cc
+++ b/pdns/recursordist/rec-main.cc
@@ -1641,6 +1641,7 @@ static int initSyncRes(Logr::log_t log)
 
   SyncRes::s_serverdownmaxfails = ::arg().asNum("server-down-max-fails");
   SyncRes::s_serverdownthrottletime = ::arg().asNum("server-down-throttle-time");
+  SyncRes::s_unthrottle_n = ::arg().asNum("server-down-use-probability");
   SyncRes::s_nonresolvingnsmaxfails = ::arg().asNum("non-resolving-ns-max-fails");
   SyncRes::s_nonresolvingnsthrottletime = ::arg().asNum("non-resolving-ns-throttle-time");
   SyncRes::s_serverID = ::arg()["server-id"];

diff --git a/pdns/recursordist/settings/table.py b/pdns/recursordist/settings/table.py
index b1f14c7fa6a02e9fb3ab8d3848adb622561e1fda..ab7e1ceb8e961ef7197c061e8e86684b3e7f85cd 100644 (file)
--- a/pdns/recursordist/settings/table.py
+++ b/pdns/recursordist/settings/table.py
@@ -2154,6 +2154,19 @@ Even a single response packet will drop the block.
 Throttle a server that has failed to respond :ref:`setting-server-down-max-fails` times for this many seconds.
  ''',
     },
+    {
+        'name' : 'server_down_use_probability',
+        'section' : 'recursor',
+        'type' : LType.Uint64,
+        'default' : '25',
+        'help' : 'Determines the probability of a server marked down to be used anyway',
+        'doc' : '''
+This setting determines the probability of a server marked down to be used anyway.
+A value of ``n`` means that the chance of a server marked down being used after it wins speed selection is is ``1/n``.
+If this setting is zero this mechanism is not active.
+        ''',
+        'versionadded': '5.0.0'
+    },
     {
         'name' : 'server_id',
         'section' : 'recursor',

diff --git a/pdns/recursordist/syncres.cc b/pdns/recursordist/syncres.cc
index 2fdf209df88246e47a02174dada52715652c0f5d..57a91f980d44f1d0040d2010e7474ad50065d321 100644 (file)
--- a/pdns/recursordist/syncres.cc
+++ b/pdns/recursordist/syncres.cc
@@ -443,7 +443,7 @@ unsigned int SyncRes::s_packetcacheservfailttl;
 unsigned int SyncRes::s_packetcachenegativettl;
 unsigned int SyncRes::s_serverdownmaxfails;
 unsigned int SyncRes::s_serverdownthrottletime;
-unsigned int SyncRes::s_unthrottle_n = 100;
+unsigned int SyncRes::s_unthrottle_n;
 unsigned int SyncRes::s_nonresolvingnsmaxfails;
 unsigned int SyncRes::s_nonresolvingnsthrottletime;
 unsigned int SyncRes::s_ecscachelimitttl;
@@ -1240,12 +1240,15 @@ bool SyncRes::isThrottled(time_t now, const ComboAddress& server, const DNSName&
 
 bool SyncRes::isThrottled(time_t now, const ComboAddress& server)
 {
-  // Give fully throttled servers a chance to be used, to avoid having one bad domain spoil the NS record for others usingf the same NS
-  // If the NS answers, it will be unThrottled immediately
-  if (dns_random(s_unthrottle_n) == 0) {
-    return false;
+  auto throttled = s_throttle.lock()->shouldThrottle(now, std::tuple(server, g_rootdnsname, 0));
+  if (throttled) {
+    // Give fully throttled servers a chance to be used, to avoid having one bad zone spoil the NS
+    // record for others using the same NS. If the NS answers, it will be unThrottled immediately
+    if (s_unthrottle_n > 0 && dns_random(s_unthrottle_n) == 0) {
+      throttled = false;
+    }
   }
-  return s_throttle.lock()->shouldThrottle(now, std::tuple(server, g_rootdnsname, 0));
+  return throttled;
 }
 
 void SyncRes::unThrottle(const ComboAddress& server, const DNSName& name, QType qtype)