From: Remi Gacogne
Date: Mon, 7 Jun 2021 14:12:18 +0000 (+0200)
Subject: dnsdist: Implement 'tcpOnly' backends
X-Git-Tag: dnsdist-1.7.0-alpha1~45^2~20
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6e90096c29b6a5bd087c53f81542a4b5429fe99d;p=thirdparty%2Fpdns.git

dnsdist: Implement 'tcpOnly' backends
---
diff --git a/pdns/dnsdist-lua.cc b/pdns/dnsdist-lua.cc
index fddb268427..989d6bab28 100644
--- a/pdns/dnsdist-lua.cc
+++ b/pdns/dnsdist-lua.cc
@@ -499,6 +499,10 @@ static void setupLuaConfig(LuaContext& luaCtx, bool client, bool configCheck)
 }
 }
+ if (vars.count("tcpOnly")) {
+ ret->d_tcpOnly = boost::get(vars.at("tcpOnly"));
+ }
+
 if (vars.count("tls")) {
 TLSContextParameters tlsParams;
 std::string ciphers;
diff --git a/pdns/dnsdist.hh b/pdns/dnsdist.hh
index 2d394ca5de..85fa96ea2e 100644
--- a/pdns/dnsdist.hh
+++ b/pdns/dnsdist.hh
@@ -739,6 +739,7 @@ struct DownstreamState
 bool ipBindAddrNoPort{true};
 bool reconnectOnUp{false};
 bool d_tcpCheck{false};
+ bool d_tcpOnly{false};
 bool isUp() const
 {
@@ -814,12 +815,12 @@ struct DownstreamState
 bool doHealthcheckOverTCP() const
 {
- return d_tcpCheck || d_tlsCtx != nullptr;
+ return d_tcpOnly || d_tcpCheck || d_tlsCtx != nullptr;
 }
 bool isTCPOnly() const
 {
- return d_tlsCtx != nullptr;
+ return d_tcpOnly || d_tlsCtx != nullptr;
 }
 private:
diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst
index 29913fa6d6..cccf46a17f 100644
--- a/pdns/dnsdistdist/docs/reference/config.rst
+++ b/pdns/dnsdistdist/docs/reference/config.rst
@@ -488,6 +488,9 @@ Servers
 .. versionchanged:: 1.6.0
 Added ``maxInFlight`` to server_table.
+ .. versionchanged:: 1.7.0
+ Added ``tcpOnly`` to server_table.
+
 Add a new backend server. Call this function with either a string::
 newServer(
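Review bot: In pdns/dnsdist-lua.cc the new `ret->d_tcpOnly = boost::get(vars.at("tcpOnly"));` line extracts the option with no visible handling of a value of the wrong type. As rendered the call carries no template argument, which most likely means the page dropped a `<bool>`; assuming `vars` holds boost::variant values, a setting such as `tcpOnly="yes"` would make `boost::get` throw `boost::bad_get` while the backend is being built. Whether that exception is caught and reported with the option name cannot be seen here, because setupLuaConfig starts and ends outside the hunk. I would at least add the comment `// boost::get throws boost::bad_get if tcpOnly is not a boolean; a bad value must abort the config, not leave the backend on UDP` above the assignment.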
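Review bot: In pdns/dnsdist.hh, `isTCPOnly()` was previously true only when `d_tlsCtx != nullptr`, so after the `-814,12 +815,12` hunk it no longer implies that the connection to the backend is encrypted. The callers are not part of this patch; any of them that read `isTCPOnly()` as "this is a TLS backend" would now apply that logic to a cleartext TCP backend and should test `d_tlsCtx` directly instead. I would document the new contract on both predicates, for example `// true for TLS backends and for cleartext backends configured with tcpOnly; does not imply encryption` above `isTCPOnly()`, with a matching line above `doHealthcheckOverTCP()`. The body of struct DownstreamState extends beyond both hunks.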
@@ -533,7 +536,8 @@ Servers
 rise=NUM, -- Require NUM consecutive successful checks before declaring the backend up, default: 1
 useProxyProtocol=BOOL, -- Add a proxy protocol header to the query, passing along the client's IP address and port along with the original destination address and port. Default is disabled.
 reconnectOnUp=BOOL, -- Close and reopen the sockets when a server transits from Down to Up. This helps when an interface is missing when dnsdist is started. Default is disabled.
- maxInFlight -- Maximum number of in-flight queries. The default is 0, which disables out-of-order processing. It should only be enabled if the backend does support out-of-order processing. As of 1.6.0, out-of-order processing needs to be enabled on the frontend as well, via :func:`addLocal` and/or :func:`addTLSLocal`. Note that out-of-order is always enabled on DoH frontends.
+ maxInFlight=NUM, -- Maximum number of in-flight queries. The default is 0, which disables out-of-order processing. It should only be enabled if the backend does support out-of-order processing. As of 1.6.0, out-of-order processing needs to be enabled on the frontend as well, via :func:`addLocal` and/or :func:`addTLSLocal`. Note that out-of-order is always enabled on DoH frontends.
+ tcpOnly=BOOL -- Always forward queries to that backend over TCP, never over UDP. Defaut is false.
 })
 :param str server_string: A simple IP:PORT string.