From: Otto Date: Wed, 2 Jun 2021 14:11:44 +0000 (+0200) Subject: Better approach: just never consider root records "almost expired". X-Git-Tag: auth-4.5.0-beta1~3^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5562c3e0ddf70832edb110932a2b4ada346d8e57;p=thirdparty%2Fpdns.git Better approach: just never consider root records "almost expired". They will be refreshed by the periodic task anyway. --- diff --git a/pdns/recursor_cache.cc b/pdns/recursor_cache.cc index 9e05a49739..74ad771e94 100644 --- a/pdns/recursor_cache.cc +++ b/pdns/recursor_cache.cc @@ -243,7 +243,7 @@ time_t MemRecursorCache::fakeTTD(MemRecursorCache::OrderedTagIterator_t& entry, if (ttl > 0 && SyncRes::s_refresh_ttlperc > 0) { const uint32_t deadline = origTTL * SyncRes::s_refresh_ttlperc / 100; const bool almostExpired = static_cast(ttl) <= deadline; - if (almostExpired) { + if (almostExpired && qname != g_rootdnsname) { if (refresh) { return -1; } else { diff --git a/pdns/syncres.cc b/pdns/syncres.cc index c3aa7d7bac..2cb4d08ea2 100644 --- a/pdns/syncres.cc +++ b/pdns/syncres.cc @@ -1080,14 +1080,14 @@ vector SyncRes::getAddrs(const DNSName &qname, unsigned int depth, try { // First look for both A and AAAA in the cache and be satisfied if we find anything res_t cset; - if (s_doIPv4 && g_recCache->get(d_now.tv_sec, qname, QType::A, false, &cset, d_cacheRemote, false, d_routingTag) > 0) { + if (s_doIPv4 && g_recCache->get(d_now.tv_sec, qname, QType::A, false, &cset, d_cacheRemote, d_refresh, d_routingTag) > 0) { for (const auto &i : cset) { if (auto rec = getRR(i)) { ret.push_back(rec->getCA(53)); } } } - if (s_doIPv6 && g_recCache->get(d_now.tv_sec, qname, QType::AAAA, false, &cset, d_cacheRemote, false, d_routingTag) > 0) { + if (s_doIPv6 && g_recCache->get(d_now.tv_sec, qname, QType::AAAA, false, &cset, d_cacheRemote, d_refresh, d_routingTag) > 0) { for (const auto &i : cset) { if (auto rec = getRR(i)) { ret.push_back(rec->getCA(53)); @@ -1125,7 +1125,7 @@ vector SyncRes::getAddrs(const DNSName &qname, unsigned int depth, // We have some IPv4 records, don't bother with going out to get IPv6, but do consult the cache, we might have // encountered some IPv6 glue cset.clear(); - if (g_recCache->get(d_now.tv_sec, qname, QType::AAAA, false, &cset, d_cacheRemote, false, d_routingTag) > 0) { + if (g_recCache->get(d_now.tv_sec, qname, QType::AAAA, false, &cset, d_cacheRemote, d_refresh, d_routingTag) > 0) { for (const auto &i : cset) { if (auto rec = getRR(i)) { ret.push_back(rec->getCA(53)); @@ -1208,7 +1208,7 @@ void SyncRes::getBestNSFromCache(const DNSName &qname, const QType qtype, vector vector ns; *flawedNSSet = false; - if(g_recCache->get(d_now.tv_sec, subdomain, QType::NS, false, &ns, d_cacheRemote, false, d_routingTag) > 0) { + if(g_recCache->get(d_now.tv_sec, subdomain, QType::NS, false, &ns, d_cacheRemote, d_refresh, d_routingTag) > 0) { bestns.reserve(ns.size()); for(auto k=ns.cbegin();k!=ns.cend(); ++k) { @@ -1224,7 +1224,7 @@ void SyncRes::getBestNSFromCache(const DNSName &qname, const QType qtype, vector const DNSRecord& dr=*k; auto nrr = getRR(dr); if(nrr && (!nrr->getNS().isPartOf(subdomain) || g_recCache->get(d_now.tv_sec, nrr->getNS(), nsqt, - false, doLog() ? &aset : 0, d_cacheRemote, false, d_routingTag) > 5)) { + false, doLog() ? &aset : 0, d_cacheRemote, d_refresh, d_routingTag) > 5)) { bestns.push_back(dr); LOG(prefix< '"<getNS()<<"'"<getNS().isPartOf(subdomain));