REVISION "202408130000Z"
DESCRIPTION "Added metric for chain limits reached"
+ REVISION "202408280000Z"
+ DESCRIPTION "Added metric for too many incoming TCP connections"
+
::= { powerdns 2 }
powerdns OBJECT IDENTIFIER ::= { enterprises 43315 }
"Chain limits reached"
::= { stats 151 }
+tcpOverflow OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Incoming TCP limits reached"
+ ::= { stats 152 }
+
---
--- Traps / Notifications
---
udrEvents,
maxChainLength,
maxChainWeight,
- chainLimits
+ chainLimits,
+ tcpOverflow
}
STATUS current
DESCRIPTION "Objects conformance group for PowerDNS Recursor"
number of tasks currently in the taskqueues
+.. _stat-tcp-overflow:
+
+tcp-overflow
+^^^^^^^^^^^^
+number of times an incoming TCP connection was closed immediately because there were too many open connections already
+
.. _stat-tcp-client-overflow:
tcp-client-overflow
static const oid10 maxChainLengthOID = {RECURSOR_STATS_OID, 149};
static const oid10 maxChainWeightOID = {RECURSOR_STATS_OID, 150};
static const oid10 chainLimitsOID = {RECURSOR_STATS_OID, 151};
+static const oid10 tcpOverflowOID = {RECURSOR_STATS_OID, 152};
static std::unordered_map<oid, std::string> s_statsMap;
registerCounter64Stat("udr-events", udrEventsOID);
registerCounter64Stat("max-chain-length", maxChainLengthOID);
registerCounter64Stat("max-chain-weight", maxChainWeightOID);
+ registerCounter64Stat("tcp-overflow", tcpOverflowOID);
#endif /* HAVE_NET_SNMP */
}
sourceDisallowedNotify, // when this is increased, qcounter is also
zoneDisallowedNotify, // when this is increased, qcounter is also
policyDrops,
+ tcpOverflow,
tcpClientOverflow,
clientParseError,
serverParseError,
if (newsock < 0) {
return;
}
- auto closeSock = [newsock](const string& msg) {
+ auto closeSock = [newsock](rec::Counter cnt, const string& msg) {
try {
closesocket(newsock);
+ t_Counters.at(cnt)++;
+ // We want this bump to percolate up without too much delay
+ t_Counters.updateSnap(false);
}
catch (const PDNSException& e) {
g_slogtcpin->error(Logr::Error, e.reason, msg, "exception", Logging::Loggable("PDNSException"));
};
if (TCPConnection::getCurrentConnections() >= g_maxTCPClients) {
- t_Counters.at(rec::Counter::tcpClientOverflow)++;
- closeSock("Error closing TCP socket after an overflow drop");
+ closeSock(rec::Counter::tcpOverflow, "Error closing TCP socket after an overflow drop");
return;
}
if (g_multiTasker->numProcesses() >= g_maxMThreads) {
- t_Counters.at(rec::Counter::overCapacityDrops)++;
- closeSock("Error closing TCP socket after an over capacity drop");
+ closeSock(rec::Counter::overCapacityDrops, "Error closing TCP socket after an over capacity drop");
return;
}
SLOG(g_log << Logger::Error << "[" << g_multiTasker->getTid() << "] dropping TCP query from " << mappedSource.toString() << ", address neither matched by allow-from nor proxy-protocol-from" << endl,
g_slogtcpin->info(Logr::Error, "dropping TCP query address neither matched by allow-from nor proxy-protocol-from", "source", Logging::Loggable(mappedSource)));
}
- t_Counters.at(rec::Counter::unauthorizedTCP)++;
- closeSock("Error closing TCP socket after an ACL drop");
+ closeSock(rec::Counter::unauthorizedTCP, "Error closing TCP socket after an ACL drop");
return;
}
if (g_maxTCPPerClient > 0 && t_tcpClientCounts->count(addr) > 0 && (*t_tcpClientCounts)[addr] >= g_maxTCPPerClient) {
- t_Counters.at(rec::Counter::tcpClientOverflow)++;
- closeSock("Error closing TCP socket after a client overflow drop");
+ closeSock(rec::Counter::tcpClientOverflow, "Error closing TCP socket after a client overflow drop");
return;
}
addGetStat("unauthorized-tcp", [] { return g_Counters.sum(rec::Counter::unauthorizedTCP); });
addGetStat("source-disallowed-notify", [] { return g_Counters.sum(rec::Counter::sourceDisallowedNotify); });
addGetStat("zone-disallowed-notify", [] { return g_Counters.sum(rec::Counter::zoneDisallowedNotify); });
+ addGetStat("tcp-overflow", [] { return g_Counters.sum(rec::Counter::tcpOverflow); });
addGetStat("tcp-client-overflow", [] { return g_Counters.sum(rec::Counter::tcpClientOverflow); });
addGetStat("client-parse-errors", [] { return g_Counters.sum(rec::Counter::clientParseError); });
{"tcp-client-overflow",
MetricDefinition(PrometheusMetricType::counter,
"Number of times an IP address was denied TCP access because it already had too many connections")},
+ {"tcp-overflow",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of times a TCP connection was denied access because too many connections")},
{"tcp-clients",
MetricDefinition(PrometheusMetricType::gauge,
"Number of currently active TCP/IP clients")},
"""
def _checkStatsValues(self, results):
- count = 151
+ count = 152
for i in list(range(1, count)):
oid = self._snmpOID + '.1.' + str(i) + '.0'
self.assertTrue(oid in results)
projects / thirdparty / pdns.git / commitdiff
