dnsdist: Document that cache hits go into the ring buffer since 1.8.0

And the effects it has on Dynamic Blocks.

diff --git a/pdns/dnsdistdist/docs/guides/dynblocks.rst b/pdns/dnsdistdist/docs/guides/dynblocks.rst
index c987b0c69f5b538f23c9f9a7c6b8dfe90e973c1c..a64ae177fd2d303d6f24376be6d2ceb86c41f52f 100644 (file)
--- a/pdns/dnsdistdist/docs/guides/dynblocks.rst
+++ b/pdns/dnsdistdist/docs/guides/dynblocks.rst
@@ -50,7 +50,7 @@ Please see the documentation for :func:`setDynBlocksAction` to confirm which act
 DynBlockRulesGroup
 ------------------
 
-Starting with dnsdist 1.3.0, a new :ref:`dynBlockRulesGroup` function can be used to return a `DynBlockRulesGroup` instance,
+Starting with dnsdist 1.3.0, a new :func:`dynBlockRulesGroup` function can be used to return a :class:`DynBlockRulesGroup` instance,
 designed to make the processing of multiple rate-limiting rules faster by walking the query and response buffers only once
 for each invocation, instead of once per existing `exceed*()` invocation.
 

diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst
index 84a164282b956365eed481d92437858f54bb3bbe..072ade479d2e31601155049c2d637e484309bbea 100644 (file)
--- a/pdns/dnsdistdist/docs/reference/config.rst
+++ b/pdns/dnsdistdist/docs/reference/config.rst
@@ -1727,6 +1727,9 @@ faster than the existing rules.
 
   .. method:: DynBlockRulesGroup:setRCodeRate(rcode, rate, seconds, reason, blockingTime [, action [, warningRate]])
 
+    .. note::
+      Cache hits are inserted into the in-memory ring buffers since 1.8.0, so they are now considered when computing the rcode rate.
+
     Adds a rate-limiting rule for responses of code ``rcode``, equivalent to:
     ```
     addDynBlocks(exceedServfails(rcode, rate, seconds), reason, blockingTime, action)
@@ -1744,6 +1747,9 @@ faster than the existing rules.
 
     .. versionadded:: 1.5.0
 
+    .. note::
+      Cache hits are inserted into the in-memory ring buffers since 1.8.0, so they are now considered when computing the rcode ratio.
+
     Adds a rate-limiting rule for the ratio of responses of code ``rcode`` over the total number of responses for a given client.
 
     :param int rcode: The response code
@@ -1772,6 +1778,9 @@ faster than the existing rules.
 
   .. method:: DynBlockRulesGroup:setResponseByteRate(rate, seconds, reason, blockingTime [, action [, warningRate]])
 
+    .. note::
+      Cache hits are inserted into the in-memory ring buffers since 1.8.0, so they are now considered when computing the bandwidth rate.
+
     Adds a bandwidth rate-limiting rule for responses, equivalent to:
     ```
     addDynBlocks(exceedRespByterate(rate, seconds), reason, blockingTime, action)

diff --git a/pdns/dnsdistdist/docs/upgrade_guide.rst b/pdns/dnsdistdist/docs/upgrade_guide.rst
index c4fb3ba763d6b98f04415550e4713c6da0f844b8..7ea7c96383818cdc4ed165ebda1f1413c50d3a4a 100644 (file)
--- a/pdns/dnsdistdist/docs/upgrade_guide.rst
+++ b/pdns/dnsdistdist/docs/upgrade_guide.rst
@@ -29,6 +29,8 @@ Responses to AXFR and IXFR queries are no longer cached.
 
 Cache-hits are now counted as responses in our metrics.
 
+Cache hits are now inserted into the in-memory ring buffers, while before 1.8.0 only cache misses were inserted. This has a very noticeable impact on :doc:`guides/dynblocks` since cache hits now considered when computing the rcode rates and ratios, as well as the response bandwidth rate.
+
 The :func:`setMaxTCPConnectionsPerClient` limit is now properly applied to DNS over HTTPS connections, in addition to DNS over TCP and DNS over TLS ones.
 
 The configuration check will now fail if the configuration file does not exist. For this reason we now create a default configuration file, based on the file previously called ``dnsdistconf.lua``, which contains commented-out examples of how to set up dnsdist.