+2398. [bug] Improve file descriptor management. New,
+ temporary, named.conf option reserved-sockets,
+ default 512. [RT #18344]
+
2396. [bug] Don't set SO_REUSEADDR for randomized ports.
[RT #18336]
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: config.c,v 1.11.2.4.8.36.4.1 2008/07/23 11:16:05 marka Exp $ */
+/* $Id: config.c,v 1.11.2.4.8.36.4.2 2008/07/23 12:03:52 marka Exp $ */
#include <config.h>
use-id-pool true;\n\
use-ixfr true;\n\
edns-udp-size 4096;\n\
+ reserved-sockets 512;\n\
\n\
/* view */\n\
allow-notify {none;};\n\
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: named.conf.docbook,v 1.1.4.13 2007/08/28 07:19:08 tbox Exp $ -->
+<!-- $Id: named.conf.docbook,v 1.1.4.13.4.1 2008/07/23 12:03:52 marka Exp $ -->
<refentry>
<refentryinfo>
port <replaceable>integer</replaceable>;
querylog <replaceable>boolean</replaceable>;
recursing-file <replaceable>quoted_string</replaceable>;
+ reserved-sockets <replaceable>integer</replaceable>;
random-device <replaceable>quoted_string</replaceable>;
recursive-clients <replaceable>integer</replaceable>;
serial-query-rate <replaceable>integer</replaceable>;
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: server.c,v 1.339.2.15.2.78.4.1 2008/05/22 21:11:14 each Exp $ */
+/* $Id: server.c,v 1.339.2.15.2.78.4.2 2008/07/23 12:03:52 marka Exp $ */
#include <config.h>
load_configuration(const char *filename, ns_server_t *server,
isc_boolean_t first_time)
{
- isc_result_t result;
- cfg_parser_t *parser = NULL;
cfg_obj_t *config;
- const cfg_obj_t *options;
- const cfg_obj_t *views;
+ cfg_parser_t *parser = NULL;
+ const cfg_listelt_t *element;
+ const cfg_obj_t *builtin_views;
+ const cfg_obj_t *maps[3];
const cfg_obj_t *obj;
+ const cfg_obj_t *options;
const cfg_obj_t *v4ports, *v6ports;
- const cfg_obj_t *maps[3];
- const cfg_obj_t *builtin_views;
- const cfg_listelt_t *element;
+ const cfg_obj_t *views;
dns_view_t *view = NULL;
dns_view_t *view_next;
- dns_viewlist_t viewlist;
dns_viewlist_t tmpviewlist;
- ns_aclconfctx_t aclconfctx;
- isc_uint32_t interface_interval;
- isc_uint32_t heartbeat_interval;
- isc_uint32_t udpsize;
+ dns_viewlist_t viewlist;
in_port_t listen_port;
int i;
+ isc_resourcevalue_t files;
+ isc_result_t result;
+ isc_uint32_t heartbeat_interval;
+ isc_uint32_t interface_interval;
+ isc_uint32_t reserved;
+ isc_uint32_t udpsize;
+ ns_aclconfctx_t aclconfctx;
ns_aclconfctx_init(&aclconfctx);
ISC_LIST_INIT(viewlist);
*/
set_limits(maps);
+ /*
+ * Sanity check on "files" limit.
+ */
+ result = isc_resource_curlimit(isc_resource_openfiles, &files);
+ if (result == ISC_R_SUCCESS && files < FD_SETSIZE) {
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
+ NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
+ "the 'files' limit (%" ISC_PRINT_QUADFORMAT "u) "
+ "is less than FD_SETSIZE (%d), increase "
+ "'files' in named.conf or recompile with a "
+ "smaller FD_SETSIZE.", files, FD_SETSIZE);
+ if (files > FD_SETSIZE)
+ files = FD_SETSIZE;
+ } else
+ files = FD_SETSIZE;
+
+ /*
+ * Set the number of socket reserved for TCP, stdio etc.
+ */
+ obj = NULL;
+ result = ns_config_get(maps, "reserved-sockets", &obj);
+ INSIST(result == ISC_R_SUCCESS);
+ reserved = cfg_obj_asuint32(obj);
+ if (files < 128U) /* Prevent underflow. */
+ reserved = 0;
+ else if (reserved > files - 128U) /* Mimimum UDP space. */
+ reserved = files - 128;
+ if (reserved < 128U) /* Mimimum TCP/stdio space. */
+ reserved = 128;
+ if (reserved + 128U > files) {
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
+ NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
+ "less than 128 UDP sockets available after "
+ "applying 'reserved-sockets' and 'files'");
+ }
+ isc__socketmgr_setreserved(ns_g_socketmgr, reserved);
+
/*
* Configure various server options.
*/
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- File: $Id: Bv9ARM-book.xml,v 1.155.2.27.2.88.2.1 2008/05/22 21:11:14 each Exp $ -->
+<!-- File: $Id: Bv9ARM-book.xml,v 1.155.2.27.2.88.2.2 2008/07/23 12:03:52 marka Exp $ -->
<book>
<title>BIND 9 Administrator Reference Manual</title>
<optional> max-transfer-idle-in <replaceable>number</replaceable>; </optional>
<optional> max-transfer-idle-out <replaceable>number</replaceable>; </optional>
<optional> tcp-clients <replaceable>number</replaceable>; </optional>
+ <optional> reserved-sockets <replaceable>number</replaceable>; </optional>
<optional> recursive-clients <replaceable>number</replaceable>; </optional>
<optional> serial-query-rate <replaceable>number</replaceable>; </optional>
<optional> serial-queries <replaceable>number</replaceable>; </optional>
The default is <literal>100</literal>.</para>
</listitem></varlistentry>
+ <varlistentry>
+ <term><command>reserved-sockets</command></term>
+ <listitem>
+ <para>
+ The number of file descriptors reserved for TCP, stdio,
+ etc. This needs to be big enough to cover the number of
+ interfaces named listens on, tcp-clients as well as
+ to provide room for outgoing TCP queries and incoming zone
+ transfers. The default is <literal>512</literal>.
+ The minimum value is <literal>128</literal> and the
+ maximum value is <literal>128</literal> less than
+ 'files' or FD_SETSIZE (whichever is smaller). This
+ option may be removed in the future.
+ </para>
+ </listitem>
+ </varlistentry>
+
<varlistentry><term><command>max-cache-size</command></term>
<listitem><para>The maximum amount of memory to use for the
server's cache, in bytes. When the amount of data in the cache
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: resource.h,v 1.4.206.1 2004/03/06 08:14:47 marka Exp $ */
+/* $Id: resource.h,v 1.4.206.1.34.1 2008/07/23 12:03:53 marka Exp $ */
#ifndef ISC_RESOURCE_H
#define ISC_RESOURCE_H 1
* ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS.
*/
+isc_result_t
+isc_resource_curlimit(isc_resource_t resource, isc_resourcevalue_t *value);
+/*
+ * Get the current limit on a resource.
+ *
+ * Requires:
+ * 'resource' is a valid member of the isc_resource_t enumeration.
+ *
+ * Returns:
+ * ISC_R_SUCCESS Success.
+ * ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS.
+ */
+
ISC_LANG_ENDDECLS
#endif /* ISC_RESOURCE_H */
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: socket.h,v 1.54.12.7.4.2 2008/07/23 07:28:11 tbox Exp $ */
+/* $Id: socket.h,v 1.54.12.7.4.3 2008/07/23 12:03:53 marka Exp $ */
#ifndef ISC_SOCKET_H
#define ISC_SOCKET_H 1
* 'sock' is a valid socket.
*/
+void
+isc__socketmgr_setreserved(isc_socketmgr_t *mgr, isc_uint32_t);
+/*%<
+ * Temporary. For use by named only.
+ */
+
ISC_LANG_ENDDECLS
#endif /* ISC_SOCKET_H */
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: resource.c,v 1.11.206.3.4.1 2008/07/23 11:18:40 marka Exp $ */
+/* $Id: resource.c,v 1.11.206.3.4.2 2008/07/23 12:03:53 marka Exp $ */
#include <config.h>
return (result);
}
+
+isc_result_t
+isc_resource_curlimit(isc_resource_t resource, isc_resourcevalue_t *value) {
+ int unixresult;
+ int unixresource;
+ struct rlimit rl;
+ isc_result_t result;
+
+ result = resource2rlim(resource, &unixresource);
+ if (result == ISC_R_SUCCESS) {
+ unixresult = getrlimit(unixresource, &rl);
+ INSIST(unixresult == 0);
+ *value = rl.rlim_cur;
+ }
+
+ return (result);
+}
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: socket.c,v 1.207.2.19.2.35.4.1 2008/07/22 04:16:14 marka Exp $ */
+/* $Id: socket.c,v 1.207.2.19.2.35.4.2 2008/07/23 12:03:53 marka Exp $ */
#include <config.h>
isc_socket_t *fds[FD_SETSIZE];
int fdstate[FD_SETSIZE];
int maxfd;
+ int reserved; /* unlocked */
#ifdef ISC_PLATFORM_USETHREADS
isc_thread_t watcher;
isc_condition_t shutdown_ok;
#ifdef F_DUPFD
/*
- * Leave a space for stdio to work in.
+ * Leave a space for stdio and TCP to work in.
*/
- if (sock->fd >= 0 && sock->fd < 20) {
+ if (manager->reserved != 0 && type == isc_sockettype_udp &&
+ sock->fd >= 0 && sock->fd < manager->reserved) {
+ int new, tmp;
+ new = fcntl(sock->fd, F_DUPFD, manager->reserved);
+ tmp = errno;
+ (void)close(sock->fd);
+ errno = tmp;
+ sock->fd = new;
+ err = "isc_socket_create: fcntl/reserved";
+ } else if (sock->fd >= 0 && sock->fd < 20) {
int new, tmp;
new = fcntl(sock->fd, F_DUPFD, 20);
tmp = errno;
}
#endif /* ISC_PLATFORM_USETHREADS */
+void
+isc__socketmgr_setreserved(isc_socketmgr_t *manager, isc_uint32_t reserved) {
+
+ REQUIRE(VALID_MANAGER(manager));
+
+ manager->reserved = reserved;
+}
+
/*
* Create a new socket manager.
*/
#else /* ISC_PLATFORM_USETHREADS */
manager->maxfd = 0;
#endif /* ISC_PLATFORM_USETHREADS */
+ manager->reserved = 0;
memset(manager->fdstate, 0, sizeof(manager->fdstate));
#ifdef ISC_PLATFORM_USETHREADS
isc__mem_strdup
isc__mempool_get
isc__mempool_put
+isc__socketmgr_setminudp
isc__strerror
isc_app_block
isc_app_finish
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: resource.c,v 1.2.12.6 2007/08/28 07:19:17 tbox Exp $ */
+/* $Id: resource.c,v 1.2.12.6.4.1 2008/07/23 12:03:53 marka Exp $ */
#include <config.h>
*value = WIN32_MAX_OPEN_FILES;
return (ISC_R_SUCCESS);
}
+
+isc_result_t
+isc_resource_curlimit(isc_resource_t resource, isc_resourcevalue_t *value) {
+
+ if (resource != isc_resource_openfiles)
+ return (ISC_R_NOTIMPLEMENTED);
+
+ *value = WIN32_MAX_OPEN_FILES;
+ return (ISC_R_SUCCESS);
+}
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: socket.c,v 1.5.2.13.2.24.4.2 2008/07/23 07:28:12 tbox Exp $ */
+/* $Id: socket.c,v 1.5.2.13.2.24.4.3 2008/07/23 12:03:53 marka Exp $ */
/* This code has been rewritten to take advantage of Windows Sockets
* I/O Completion Ports and Events. I/O Completion Ports is ONLY
}
#endif
}
+
+void
+isc__socketmgr_setreserved(isc_socketmgr_t *manager, isc_uint32_t reserved) {
+ UNUSED(manager);
+ UNUSED(reserved);
+}
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: namedconf.c,v 1.21.44.36 2008/01/24 23:45:28 tbox Exp $ */
+/* $Id: namedconf.c,v 1.21.44.36.2.1 2008/07/23 12:03:53 marka Exp $ */
#include <config.h>
{ "recursing-file", &cfg_type_qstring, 0 },
{ "random-device", &cfg_type_qstring, 0 },
{ "recursive-clients", &cfg_type_uint32, 0 },
+ { "reserved-sockets", &cfg_type_uint32, 0 },
{ "serial-queries", &cfg_type_uint32, CFG_CLAUSEFLAG_OBSOLETE },
{ "serial-query-rate", &cfg_type_uint32, 0 },
{ "server-id", &cfg_type_serverid, 0 },
projects / thirdparty / bind9.git / commitdiff
