From: Otto Moerbeek Date: Wed, 6 Apr 2022 08:45:18 +0000 (+0200) Subject: Only probe somewhat popular auths; i.e. auths that are revisited at least once X-Git-Tag: rec-4.7.0-beta1^2~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3ebb75284967867b985f8baed28dd43e65b9bf4f;p=thirdparty%2Fpdns.git Only probe somewhat popular auths; i.e. auths that are revisited at least once --- diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index 005be69d9c..46d65110f1 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -1075,7 +1075,7 @@ See :ref:`hooks-maintenance-callback` - Integer - Default: 0 -Limit the maxmium number of simultaneous DoT probes the Recursor will schedule. +Limit the maximum number of simultaneous DoT probes the Recursor will schedule. The default value 0 means no DoT probes are scheduled. DoT probes are used to check if an authoritative server's IP address supports DoT. diff --git a/pdns/recursordist/taskqueue.hh b/pdns/recursordist/taskqueue.hh index 99f82ca7c8..8740130f7e 100644 --- a/pdns/recursordist/taskqueue.hh +++ b/pdns/recursordist/taskqueue.hh @@ -55,7 +55,7 @@ struct ResolveTask // Whether to run this task in regular mode (false) or in the mode that refreshes almost expired tasks bool d_refreshMode; // Use a function pointer as comparing std::functions is a nuisance - using TaskFunction = void (*)(const struct timeval& now, bool logErrors, const ResolveTask& task); + using TaskFunction = void (*)(const struct timeval& now, bool logErrors, const ResolveTask& task); TaskFunction d_func; // IP used by DoT probe tasks ComboAddress d_ip; diff --git a/pdns/syncres.cc b/pdns/syncres.cc index cef04a77f8..9f868d0f08 100644 --- a/pdns/syncres.cc +++ b/pdns/syncres.cc 
@@ -288,10 +288,15 @@ static LockGuarded> s_nonresolving; struct DoTStatus { + DoTStatus(const ComboAddress& ip, const DNSName& auth, time_t ttd) : + d_address(ip), d_auth(auth), d_ttd(ttd) + { + } enum Status : uint8_t { Unknown, Busy, Bad, Good }; const ComboAddress d_address; const DNSName d_auth; time_t d_ttd; + mutable uint64_t d_count{0}; mutable Status d_status{Unknown}; std::string toString() const { @@ -1217,7 +1222,7 @@ uint64_t SyncRes::doDumpDoTProbeMap(int fd) return 0; } fprintf(fp.get(), "; DoT probing map follows"); - fprintf(fp.get(), "; ip\tstatus\tttd\n"); + fprintf(fp.get(), "; ip\tdomain\tcount\tstatus\tttd\n"); uint64_t count=0; // We get a copy, so the I/O does not need to happen while holding the lock @@ -1229,7 +1234,7 @@ uint64_t SyncRes::doDumpDoTProbeMap(int fd) for (const auto& i : copy.d_map) { count++; char tmp[26]; - fprintf(fp.get(), "%s\t%s\t%s\t%s\n", i.d_address.toString().c_str(), i.d_auth.toString().c_str(), i.toString().c_str(), timestamp(i.d_ttd, tmp, sizeof(tmp))); + fprintf(fp.get(), "%s\t%s\t%" PRIu64 "\t%s\t%s\n", i.d_address.toString().c_str(), i.d_auth.toString().c_str(), i.d_count, i.toString().c_str(), timestamp(i.d_ttd, tmp, sizeof(tmp))); } return count; } @@ -4751,6 +4756,10 @@ static void submitTryDotTask(ComboAddress address, const DNSName& auth, time_t n if (it->d_status == DoTStatus::Good) { return; } + // We only want to probe auths that we have seen before, auth that only come around once are not interesting + if (it->d_status == DoTStatus::Unknown && it->d_count == 0) { + return; + } } lock->d_map.modify(it, [=] (DoTStatus& st){ st.d_ttd = now + dotFailWait; }); bool pushed = pushTryDoTTask(auth, QType::SOA, address, std::numeric_limits::max()); 
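Review bot: `d_count` is added to DoTStatus without a comment, and the struct alone does not say what it counts or why it is `mutable`. The later hunks increment it in shouldDoDoT() and read it in submitTryDotTask(), so a comment such as `// Number of shouldDoDoT() lookups for this address; mutable so it can be updated in place through the map iterator` would document that (the container type is not visible here, so confirm the second half). The struct body continues past the end of the hunk.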
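Review bot: The corrected column header will be written on the same line as the banner, because the unchanged `fprintf(fp.get(), "; DoT probing map follows");` directly above has no trailing newline. Since this commit already touches the header to match the row format, the banner should become `"; DoT probing map follows\n"` so tools that parse the dump see the header as its own comment line. doDumpDoTProbeMap starts and ends outside the hunk.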
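Review bot: `PRIu64` in the new row format is defined by `<cinttypes>`, and this diff adds no include for it. Whether syncres.cc already includes that header is not visible here, so confirm it is included directly rather than arriving through another header, which can differ between platforms and standard libraries. The loop body is otherwise unchanged and the enclosing function continues outside the hunk.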
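Review bot: The new early return in submitTryDotTask only filters out addresses that have had no repeat lookup at all: `d_count` is bumped on every shouldDoDoT() call that finds the entry, so a single repeat lookup is enough to pass `d_count == 0`. That fits the commit subject, but it means the bound on probe traffic still comes from the simultaneous-probe limit described in settings.rst, not from this check, and the comment should say so. I would reword it to `// Only probe auths that have been looked up again since we first saw them; one-off auths are not worth a probe` (this also fixes the "auth that only come around once" grammar). The return sits before the `modify` call that pushes `d_ttd` forward, so a skipped entry keeps its original expiry; that looks intended but is worth confirming. The enclosing block and the code that creates the entry are outside the hunk.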
@@ -4766,9 +4775,9 @@ static bool shouldDoDoT(ComboAddress address, time_t now)
 auto lock = s_dotMap.lock();
 auto it = lock->d_map.find(address);
 if (it == lock->d_map.end()) {
- // Pruned...
 return false;
 }
+ it->d_count++;
 if (it->d_status == DoTStatus::Good && it->d_ttd > now) {
 return true;
 }
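Review bot: Removing `// Pruned...` drops the only hint about why the address can be missing from the map at this point in shouldDoDoT. I would keep it, or spell it out as `// Entry has been pruned from the map, so there is no DoT state to consult`. The added `it->d_count++` runs before the status check, so it counts every lookup of a known address, including ones already marked Good. A short comment like `// Count every lookup; submitTryDotTask() skips entries that were never revisited` would make the coupling with the other function explicit. The function body starts before and continues after the hunk.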