}
try {
+ setDscp(fd, d_config.remote.sin4.sin_family, d_config.dscp);
SConnect(fd, d_config.remote);
if (sockets.size() > 1) {
(*mplexer.lock())->addReadFD(fd, [](int, boost::any) {});
dnsdist::ServiceDiscovery::addUpgradeableServer(downstream, autoUpgradeConf.interval, std::string(autoUpgradeConf.pool), autoUpgradeConf.doh_key, autoUpgradeConf.keep);
}
+ backendConfig.dscp = config.dscp;
+
return downstream;
}
getOptionalValue<bool>(vars, "enableRenegotiation", config.d_tlsParams.d_enableRenegotiation);
getOptionalValue<bool>(vars, "ktls", config.d_tlsParams.d_ktls);
getOptionalValue<std::string>(vars, "subjectName", config.d_tlsSubjectName);
+ getOptionalIntegerValue("newServer", vars, "dscp", config.dscp);
if (vars->count("keyLogFile") > 0) {
#ifdef HAVE_SSL_CTX_SET_KEYLOG_CALLBACK
cpus: String,
#[serde(default, skip_serializing_if = "crate::is_default")]
xsk: String,
+ #[serde(default, skip_serializing_if = "crate::is_default")]
+ dscp: u8,
}
#[derive(Deserialize, Serialize, Debug, PartialEq)]
type: "String"
default: ""
description: "The name of an XSK sockets map to attach to this frontend, if any"
+ - name: "dscp"
+ type: "u8"
+ default: 0
+ description: "The DSCP marking value to be applied. Range 0-63. Default is 0 which means no action for DSCP marking."
tuning:
description: "Tuning settings"
the other end to acknowledge our initial packet before we could
send the rest. */
setTCPNoDelay(socket.getHandle());
+ setDscp(socket.getHandle(), d_ds->d_config.remote.sin4.sin_family, d_ds->d_config.dscp);
#ifdef SO_BINDTODEVICE
if (!d_ds->d_config.sourceItfName.empty()) {
uint8_t maxCheckFailures{1};
uint8_t minRiseSuccesses{1};
uint8_t udpTimeout{0};
+ uint8_t dscp{0};
Availability availability{Availability::Auto};
bool d_tlsSubjectIsAddr{false};
bool mustResolve{false};
``xskSockets`` ``array`` "An array of :class:`XskSocket` objects to enable ``XSK`` / ``AF_XDP`` support for this backend. See :doc:`../advanced/xsk` for more information."
``MACAddr`` ``str`` "When the ``xskSocket`` option is set, this parameter can be used to specify the destination MAC address to use to reach the backend. If this options is not specified, dnsdist will try to get it from the IP of the backend by looking into the system's MAC address table, but it will fail if the corresponding MAC address is not present."
``keyLogFile`` ``str`` "Write the TLS keys in the specified file so that an external program can decrypt TLS exchanges, in the format described in https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format. Note that this feature requires OpenSSL >= 1.1.1."
+ ``dscp`` ``number`` "The DSCP marking value to be applied. Range 0-63. Default is 0 which means no action for DSCP marking."
.. function:: getServer(index) -> Server
- **mac_address**: String ``("")`` - When the ``xsk`` option is set, this parameter can be used to specify the destination MAC address to use to reach the backend. If this options is not specified, dnsdist will try to get it from the IP of the backend by looking into the system's MAC address table, but it will fail if the corresponding MAC address is not present
- **cpus**: String ``("")`` - Set the CPU affinity for this thread, asking the scheduler to run it on a single CPU id, or a set of CPU ids. This parameter is only available if the OS provides the ``pthread_setaffinity_np()`` function
- **xsk**: String ``("")`` - The name of an XSK sockets map to attach to this frontend, if any
+- **dscp**: Unsigned integer ``(0)`` - The DSCP marking value to be applied. Range 0-63. Default is 0 which means no action for DSCP marking.
.. _yaml-settings-BindConfiguration:
return true;
}
+void setDscp(int sock, unsigned short family, uint8_t dscp)
+{
+ int val;
+ unsigned int len;
+
+ if (dscp == 0 || dscp > 63) {
+ // No DSCP marking
+ return;
+ }
+
+ if (family == AF_INET) {
+ if (getsockopt(sock, IPPROTO_IP, IP_TOS, &val, &len)<0) {
+ throw std::runtime_error(string("Set DSCP failed: ")+stringerror());
+ }
+ val = (dscp<<2) | (val&0x3);
+ if (setsockopt(sock, IPPROTO_IP, IP_TOS, &val, sizeof(val))<0) {
+ throw std::runtime_error(string("Set DSCP failed: ")+stringerror());
+ }
+ }
+ else if (family == AF_INET6) {
+ if (getsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, &val, &len)<0) {
+ throw std::runtime_error(string("Set DSCP failed: ")+stringerror());
+ }
+ val = (dscp<<2) | (val&0x3);
+ if (setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, &val, sizeof(val))<0) {
+ throw std::runtime_error(string("Set DSCP failed: ")+stringerror());
+ }
+ }
+}
+
bool isNonBlocking(int sock)
{
int flags=fcntl(sock,F_GETFL,0);
//! Sets the socket into blocking mode.
bool setBlocking( int sock );
+void setDscp(int sock, unsigned short family, uint8_t dscp);
+
//! Sets the socket into non-blocking mode.
bool setNonBlocking( int sock );
bool setTCPNoDelay(int sock);
projects / thirdparty / pdns.git / commitdiff
