From: Michał Kępień Date: Thu, 30 Jul 2020 08:58:39 +0000 (+0200) Subject: Fix idle timeout for connected TCP sockets X-Git-Tag: v9.17.4~29^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=953d704bd25627d1d83294a8b11fc7c78d6e8a78;p=thirdparty%2Fbind9.git Fix idle timeout for connected TCP sockets When named acting as a resolver connects to an authoritative server over TCP, it sets the idle timeout for that connection to 20 seconds. This fixed timeout was picked back when the default processing timeout for each client query was hardcoded to 30 seconds. Commit 000a8970f840a0c27c5cc404826853c4674362ac made this processing timeout configurable through "resolver-query-timeout" and decreased its default value to 10 seconds, but the idle TCP timeout was not adjusted to reflect that change. As a result, with the current defaults in effect, a single hung TCP connection will consistently cause the resolution process for a given query to time out. Set the idle timeout for connected TCP sockets to half of the client query processing timeout configured for a resolver. This allows named to handle hung TCP connections more robustly and prevents the timeout mismatch issue from resurfacing in the future if the default is ever changed again. --- diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 8aa78191e87..893eb340d21 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -3012,12 +3012,15 @@ resquery_connected(isc_task_t *task, isc_event_t *event) { case ISC_R_SUCCESS: /* - * Extend the idle timer for TCP. 20 seconds - * should be long enough for a TCP connection to be - * established, a single DNS request to be sent, - * and the response received. + * Extend the idle timer for TCP. Half of + * "resolver-query-timeout" will hopefully be long + * enough for a TCP connection to be established, a + * single DNS request to be sent, and the response + * received. */ - isc_interval_set(&interval, 20, 0); + isc_interval_set(&interval, + fctx->res->query_timeout / 1000 / 2, + 0); result = fctx_startidletimer(query->fctx, &interval); if (result != ISC_R_SUCCESS) { FCTXTRACE("query canceled: idle timer failed; "