From: Baptiste Assmann Date: Thu, 1 Mar 2018 21:26:57 +0000 (+0100) Subject: BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically X-Git-Tag: v1.9-dev1~373 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1fa7d2acce0fcbb4f8aec0199e932556a80e5bc7;p=thirdparty%2Fhaproxy.git BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically Automatic downgrade of DNS accepted payload size may have undesired side effect, which could make a backend with all servers DOWN. After talking with Lukas on the ML, I realized this "feature" introduces more issues that it fixes problem. The "best" way to handle properly big responses will be to implement DNS over TCP. To be backported to 1.8. --- diff --git a/doc/configuration.txt b/doc/configuration.txt index 992e18acc7..d6f8b8d388 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -12009,9 +12009,6 @@ accepted_payload_size is in bytes. If not set, HAProxy announces 512. (minimal value defined by RFC 6891) - Note: to get bigger responses but still be sure that responses won't be - dropped on the wire, one can choose a value between 1280 and 1410. - Note: the maximum allowed value is 8192. nameserver : diff --git a/src/dns.c b/src/dns.c index 280bc155f7..c5bed59b1b 100644 --- a/src/dns.c +++ b/src/dns.c @@ -1733,12 +1733,6 @@ static struct task *dns_process_resolvers(struct task *t) dns_reset_resolution(res); LIST_DEL(&res->list); LIST_ADDQ(&resolvers->resolutions.wait, &res->list); - - /* This might be triggered by too big UDP packets - * dropped somewhere on the network, so lowering the - * accepted_payload_size announced */ - if (resolvers->accepted_payload_size > 1280) - resolvers->accepted_payload_size = 1280; } else { /* Otherwise resend the DNS query and requeue the resolution */
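Review bot: in the doc/configuration.txt hunk, the deleted note ("one can choose a value between 1280 and 1410") is guidance for values an operator sets by hand, and the commit message only argues against the automatic downgrade, so the reason for dropping the manual advice is not stated. With the fallback in src/dns.c gone, the accepted_payload_size paragraph now documents only the default of 512 and the maximum of 8192. Consider keeping a note here that HAProxy does not lower the announced size on its own, so a value larger than the network path carries can result in responses being dropped on the wire. Otherwise, say in the commit message why the recommendation no longer holds.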
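Review bot: in the src/dns.c hunk, in the branch of dns_process_resolvers() that calls dns_reset_resolution(res) and moves the resolution to resolvers->resolutions.wait, the removal also deletes the only comment recording that this path "might be triggered by too big UDP packets dropped somewhere on the network". After the change nothing in the branch hints at that cause, so an operator who configured a large accepted_payload_size gets repeated failed resolutions with no pointer to the setting. Consider keeping a one-line comment that names the cause and states that the announced size is deliberately left untouched. Since this is marked for backport to 1.8, the commit message would also benefit from a sentence on how the downgrade led to "a backend with all servers DOWN". The removed lines write the shared resolvers->accepted_payload_size and nothing visible here restores it, which looks like the relevant detail.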