From 13fd3ecfab812526a730e21517cc669e4278930f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 27 May 2020 17:48:39 +0200 Subject: [PATCH 1/3] Reduce the default value for max-stale-ttl from 1 week to 12 hours Originally, the default value for max-stale-ttl was 1 week, which could, in some scenarios, lead to cache exhaustion on busy resolvers. Picking the default value will always be juggling between a value that's useful (e.g. keeping the already cached records after they have already expired and the upstream name servers are down) and not bloating the cache too much (e.g. keeping everything for a very long time). The new default reflects what we think is a reasonable time to react on both sides (upstream authoritative and downstream recursive). --- bin/named/config.c | 2 +- bin/tests/system/serve-stale/tests.sh | 8 +++++--- doc/arm/reference.rst | 2 +- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/bin/named/config.c b/bin/named/config.c index 121ddd1c12..b32a8a05c4 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -170,7 +170,7 @@ options {\n\ max-ncache-ttl 10800; /* 3 hours */\n\ max-recursion-depth 7;\n\ max-recursion-queries 75;\n\ - max-stale-ttl 604800; /* 1 week */\n\ + max-stale-ttl 43200; /* 12 hours */\n\ message-compression yes;\n\ min-ncache-ttl 0; /* 0 hours */\n\ min-cache-ttl 0; /* 0 seconds */\n\ diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh index e1a671dd56..c85fcfe28a 100755 --- a/bin/tests/system/serve-stale/tests.sh +++ b/bin/tests/system/serve-stale/tests.sh @@ -21,6 +21,8 @@ waitfile () { done } +max_stale_ttl=$(sed -ne 's,^[[:space:]]*max-stale-ttl \([[:digit:]]*\).*,\1,p' $TOP_SRCDIR/bin/named/config.c) + status=0 n=0 
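Review bot: Reading the expected value out of `bin/named/config.c` with sed means the three `rndc serve-stale status` checks (the hunks at -723, -804 and -951) no longer pin the default: whatever number is compiled in is the number the test expects, so an unintended change to `max-stale-ttl` would still pass. The assignment also has no guard: `[[:digit:]]*` accepts zero digits and `$TOP_SRCDIR` is unquoted, so an empty or multi-line result leaves the greps searching for a malformed pattern and the failure is reported against rndc instead of the extraction. I would quote the path, require at least one digit with `\([[:digit:]][[:digit:]]*\)`, and add `[ -n "$max_stale_ttl" ] || { echo_i "failed to read max-stale-ttl default"; exit 1; }` right after the assignment. If the literal is deliberately kept out of the test, a comment such as `# expected value is derived from config.c, not asserted here` would make that trade-off visible.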
@@ -723,7 +725,7 @@ n=$((n+1)) echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: off (stale-answer-ttl=1 max-stale-ttl=604800)' rndc.out.test$n > /dev/null || ret=1 +grep "_default: off (stale-answer-ttl=1 max-stale-ttl=$max_stale_ttl)" rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) @@ -804,7 +806,7 @@ n=$((n+1)) echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: on (rndc) (stale-answer-ttl=1 max-stale-ttl=604800)' rndc.out.test$n > /dev/null || ret=1 +grep "_default: on (rndc) (stale-answer-ttl=1 max-stale-ttl=$max_stale_ttl)" rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) @@ -951,7 +953,7 @@ n=$((n+1)) echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.4 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: off (stale-answer-ttl=1 max-stale-ttl=604800)' rndc.out.test$n > /dev/null || ret=1 +grep "_default: off (stale-answer-ttl=1 max-stale-ttl=$max_stale_ttl)" rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index aa4eedf86e..bfd18095b1 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -3264,7 +3264,7 @@ Tuning If stale answers are enabled, ``max-stale-ttl`` sets the maximum time for which the server retains records past their normal expiry to return them as stale records, when the servers for those records are - not reachable. The default is 1 week. The minimum allowed is 1 + not reachable. The default is 12 hours. The minimum allowed is 1 second; a value of 0 is updated silently to 1 second. For stale answers to be returned, they must be enabled, either in the 
From fc4f3b92ab0c538305e02c58507855f33eb6c8a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 27 May 2020 17:51:56 +0200 Subject: [PATCH 2/3] Add release notes for #1877 --- doc/notes/notes-current.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index aa4bd02457..156b8f6da4 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -100,6 +100,9 @@ Feature Changes - ``dig +qid=`` allows the user to specify a particular query ID for testing purposes. [GL #1851] +- The default value of ``max-stale-ttl`` has changed from 1 week to + 12 hours. + Bug Fixes ~~~~~~~~~ From e81728289cedcd8c72728dc1fd92d2f7d0389ea4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 27 May 2020 17:52:49 +0200 Subject: [PATCH 3/3] Add CHANGES for #1877 --- CHANGES | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGES b/CHANGES index e978a40968..49324e86a5 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +5425. [func] The default value of "max-stale-ttl" has been change + from 1 week to 12 hours. [GL #1877] + 5424. [bug] With kasp, when creating a successor key, the goal state of the current active key (predecessor) was not changed and thus was never is removed from the zone.