From: Ondřej Surý Date: Sat, 17 Jan 2026 08:56:31 +0000 (+0100) Subject: Remove 'unlimited' setting for the max-cache-size X-Git-Tag: v9.21.21~3^2~4 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d7c99c14fcc007314ea18ea7ff40bead4cdb519a;p=thirdparty%2Fbind9.git Remove 'unlimited' setting for the max-cache-size Since TTL-based cache cleaning has been removed, an unlimited max-cache-size would eventually exhaust system memory. Both 'max-cache-size unlimited;' and 'max-cache-size 0;' now fall back to the default value (90% of physical memory for recursive views). --- diff --git a/bin/named/server.c b/bin/named/server.c index 8deb3e7cb5e..6d6fabc707e 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -3872,17 +3872,27 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, } } + if (max_cache_size == 0) { + cfg_obj_log(obj, ISC_LOG_WARNING, + "'max-cache-size' can't be zero or unlimited; " + "falling back to default"); + max_cache_size = SIZE_AS_PERCENT; + max_cache_size_percent = 90; + } + if (max_cache_size == SIZE_AS_PERCENT) { uint64_t totalphys = isc_meminfo_totalphys(); - max_cache_size = - (size_t)(totalphys * max_cache_size_percent / 100); if (totalphys == 0) { - cfg_obj_log(obj, ISC_LOG_WARNING, + cfg_obj_log(obj, ISC_LOG_ERROR, "Unable to determine amount of physical " - "memory, setting 'max-cache-size' to " - "unlimited"); + "memory, setting 'max-cache-size' to the " + "minimum value"); + max_cache_size = 1; } else { + max_cache_size = (size_t)(totalphys * + max_cache_size_percent / 100); + cfg_obj_log(obj, ISC_LOG_INFO, "'max-cache-size %d%%' " "- setting to %" PRIu64 "MB " diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 4abd94e192a..9964718dd65 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -3832,9 +3832,12 @@ system. - 2 MB for views with :any:`recursion` set to ``no``. Any positive value smaller than 2 MB is ignored and reset to 2 MB. - The keyword ``unlimited``, or the value ``0``, places no limit on the - cache size; records are then purged from the cache only when they - expire (according to their TTLs). + + .. warning:: + + Previously, the keyword ``unlimited``, or the value ``0``, placed + no limit on the cache size; this is no longer permitted as + TTL-based cleaning has been removed from :iscman:`named`. .. note:: @@ -3847,7 +3850,7 @@ system. .. note:: :any:`max-cache-size` does not work reliably for a maximum - amount of memory of 100 MB or lower. + amount of memory of 256 MB or lower. Upon startup and reconfiguration, caches with a limited size preallocate a small amount of memory (less than 1% of @@ -3856,10 +3859,13 @@ system. internal cache structures. On systems where detection of the amount of physical memory is not - supported, percentage-based values fall back to ``unlimited``. Note - that the amount of physical memory available is only detected on - startup, so :iscman:`named` does not adjust the cache size limits if the - amount of physical memory is changed at runtime. + supported, the :iscman:`named` will fail to start. + + .. note:: + + The amount of physical memory available is only detected on startup, so + :iscman:`named` does not adjust the cache size limits if the amount of + physical memory is changed at runtime. On Linux, the system administrator can use `cgroup`_ (Control Group) mechanism to limit the amount of available memory to the process. This limit diff --git a/lib/dns/cache.c b/lib/dns/cache.c index e60eadfb44e..ca3a6415742 100644 --- a/lib/dns/cache.c +++ b/lib/dns/cache.c @@ -213,11 +213,7 @@ static void updatewater(dns_cache_t *cache) { size_t hi = cache->size - (cache->size >> 3); /* ~ 7/8ths. */ size_t lo = cache->size - (cache->size >> 2); /* ~ 3/4ths. */ - if (cache->size == 0U || hi == 0U || lo == 0U) { - isc_mem_clearwater(cache->tmctx); - } else { - isc_mem_setwater(cache->tmctx, hi, lo); - } + isc_mem_setwater(cache->tmctx, hi, lo); } void @@ -228,7 +224,7 @@ dns_cache_setcachesize(dns_cache_t *cache, size_t size) { * Impose a minimum cache size; pathological things happen if there * is too little room. */ - if (size != 0U && size < DNS_CACHE_MINSIZE) { + if (size < DNS_CACHE_MINSIZE) { size = DNS_CACHE_MINSIZE; } diff --git a/lib/dns/include/dns/cache.h b/lib/dns/include/dns/cache.h index e4286b2bc4a..c2f0ba7a47f 100644 --- a/lib/dns/include/dns/cache.h +++ b/lib/dns/include/dns/cache.h @@ -130,7 +130,7 @@ dns_cache_getname(dns_cache_t *cache); void dns_cache_setcachesize(dns_cache_t *cache, size_t size); /*%< - * Set the maximum cache size. 0 means unlimited. + * Set the maximum cache size. */ size_t