more visible. New logging category "edns-disabled".
[RT #16871]
+2190. [func] Make fallback to plain DNS from EDNS due to timeouts
+ more visible. New logging category "edns-disabled".
+ [RT #16871]
+
2189. [bug] Handle socket() returning EINTR. [RT #15949]
2188. [contrib] queryperf: autoconf changes to make the search for
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- File: $Id: Bv9ARM-book.xml,v 1.324 2007/05/16 04:33:28 marka Exp $ -->
+<!-- File: $Id: Bv9ARM-book.xml,v 1.325 2007/05/21 02:03:22 marka Exp $ -->
<book xmlns:xi="http://www.w3.org/2001/XInclude">
<title>BIND 9 Administrator Reference Manual</title>
</para>
</entry>
</row>
- </tbody>
- </tgroup>
- </informaltable>
- </sect3>
+ <row rowsep="0">
+ <entry colname="1">
+ <para><command>edns-disabled</command></para>
+ </entry>
+ <entry colname="2">
+ <para>
+ Log queries that have been forced to use plain
+ DNS due to timeouts. This is often due to
+ the remote servers not being RFC 1034 compliant
+ (not always returning FORMERR or similar to
+ EDNS queries and other extension to the DNS
+ when they are not understood). i.e. this is
+ targeted at servers that fail to respond to
+ DNS queries that they don't understand.
+ </para>
+ <para>
+ Note: the log message can be also due to
+ packet loss. Before reporting servers for
+ non RFC 1034 compliance they should be re-tested
+ to determine the nature of of the non-compliance.
+ This testing should prevent / reduce the
+ number of false positive reports.
+ </para>
+ <para>
+ Note: eventually named will have to stop
+ treating such timeouts as due to RFC 1034 non
+ compliance and start treating it as plain
+ packet loss as falsely classifying packet
+ loss as due to RFC 1034 non compliance impacts
+ on DNSSEC validation.
+ </para>
+ </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </informaltable>
+ </sect3>
</sect2>
<sect2>
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: log.h,v 1.39 2006/12/22 01:59:43 marka Exp $ */
+/* $Id: log.h,v 1.40 2007/05/21 02:03:22 marka Exp $ */
/*! \file dns/log.h
* \author Principal Authors: DCL */
#define DNS_LOGCATEGORY_DISPATCH (&dns_categories[8])
#define DNS_LOGCATEGORY_LAME_SERVERS (&dns_categories[9])
#define DNS_LOGCATEGORY_DELEGATION_ONLY (&dns_categories[10])
+#define DNS_LOGCATEGORY_EDNS_DISABLED (&dns_categories[11])
/* Backwards compatibility. */
#define DNS_LOGCATEGORY_GENERAL ISC_LOGCATEGORY_GENERAL
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: log.c,v 1.42 2006/12/22 01:59:43 marka Exp $ */
+/* $Id: log.c,v 1.43 2007/05/21 02:03:22 marka Exp $ */
/*! \file */
{ "dispatch", 0 },
{ "lame-servers", 0 },
{ "delegation-only", 0 },
+ { "edns-disabled", 0 },
{ NULL, 0 }
};
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: resolver.c,v 1.346 2007/03/29 04:13:22 marka Exp $ */
+/* $Id: resolver.c,v 1.347 2007/05/21 02:03:22 marka Exp $ */
/*! \file */
ISC_LIST_INITANDAPPEND(fctx->edns512, sa, link);
}
+static inline void
+log_edns(fetchctx_t *fctx) {
+ char domainbuf[DNS_NAME_FORMATSIZE];
+
+ dns_name_format(&fctx->domain, domainbuf, sizeof(domainbuf));
+ isc_log_write(dns_lctx, DNS_LOGCATEGORY_EDNS_DISABLED,
+ DNS_LOGMODULE_RESOLVER, ISC_LOG_INFO,
+ "too many timeouts resolving '%s' (in '%s'?): "
+ "disabling EDNS", fctx->info, domainbuf);
+}
+
static isc_result_t
resquery_send(resquery_t *query) {
fetchctx_t *fctx;
fctx->timeouts >= (MAX_EDNS0_TIMEOUTS * 2)) &&
(query->options & DNS_FETCHOPT_NOEDNS0) == 0) {
query->options |= DNS_FETCHOPT_NOEDNS0;
- FCTXTRACE("too many timeouts, disabling EDNS0");
+ log_edns(fctx);
} else if ((triededns(fctx, &query->addrinfo->sockaddr) ||
fctx->timeouts >= MAX_EDNS0_TIMEOUTS) &&
(query->options & DNS_FETCHOPT_NOEDNS0) == 0) {
projects / thirdparty / bind9.git / commitdiff
