Implement 'max-query-count'

Add another option to configure how many outgoing queries per client request is allowed. The existing 'max-recursion-queries' is per restart, this one is a global limit.
2025-08-22 10:10:06 +00:00 · 2024-11-07 10:52:19 +01:00 · 2024-11-07 10:52:19 +01:00 · bbc16cc8e6
commit bbc16cc8e6
parent 522581469c
9 changed files with 42 additions and 0 deletions
--- a/bin/named/config.c
+++ b/bin/named/config.c
@ -169,6 +169,7 @@ options {\n\
 	max-ncache-ttl 10800; /* 3 hours */\n\
 	max-recursion-depth 7;\n\
 	max-recursion-queries 32;\n\
+	max-query-count 200;\n\
 	max-query-restarts 11;\n\
 	max-stale-ttl 86400; /* 1 day */\n\
 	message-compression yes;\n\
--- a/bin/named/server.c
+++ b/bin/named/server.c
@ -5292,6 +5292,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
 	INSIST(result == ISC_R_SUCCESS);
 	dns_view_setmaxrestarts(view, cfg_obj_asuint32(obj));

+	obj = NULL;
+	result = named_config_get(maps, "max-query-count", &obj);
+	INSIST(result == ISC_R_SUCCESS);
+	dns_view_setmaxqueries(view, cfg_obj_asuint32(obj));
+
 	obj = NULL;
 	result = named_config_get(maps, "max-validations-per-fetch", &obj);
 	if (result == ISC_R_SUCCESS) {
--- a/bin/tests/system/checkconf/good.conf.in
+++ b/bin/tests/system/checkconf/good.conf.in
@ -74,6 +74,7 @@ options {
 	check-names primary warn;
 	check-names secondary ignore;
 	max-cache-size 20000000000000;
+	max-query-count 100;
 	max-query-restarts 10;
 	nta-lifetime 604800;
 	nta-recheck 604800;
--- a/doc/arm/reference.rst
+++ b/doc/arm/reference.rst
@ -4472,6 +4472,15 @@ Tuning
   format is more human-readable, and is thus suitable when a zone is to
   be edited by hand. The default is ``relative``.

+.. namedconf:statement:: max-query-count
+   :tags: server, query
+   :short: Sets the maximum number of iterative queries while servicing a recursive query.
+
+   This sets the maximum number of iterative queries that may be sent
+   by a resolver while looking up a single name. If more queries than this
+   need to be sent before an answer is reached, then recursion is terminated
+   and a SERVFAIL response is returned to the client. The default is ``200``.
+
 .. namedconf:statement:: max-recursion-depth
   :tags: server
   :short: Sets the maximum number of levels of recursion permitted at any one time while servicing a recursive query.
--- a/doc/misc/options
+++ b/doc/misc/options
@ -179,6 +179,7 @@ options {
 	max-ixfr-ratio ( unlimited | <percentage> );
 	max-journal-size ( default | unlimited | <sizeval> );
 	max-ncache-ttl <duration>;
+	max-query-count <integer>;
 	max-query-restarts <integer>;
 	max-records <integer>;
 	max-records-per-type <integer>;
@ -470,6 +471,7 @@ view <string> [ <class> ] {
 	max-ixfr-ratio ( unlimited | <percentage> );
 	max-journal-size ( default | unlimited | <sizeval> );
 	max-ncache-ttl <duration>;
+	max-query-count <integer>;
 	max-query-restarts <integer>;
 	max-records <integer>;
 	max-records-per-type <integer>;
--- a/lib/dns/include/dns/view.h
+++ b/lib/dns/include/dns/view.h
@ -185,6 +185,7 @@ struct dns_view {
 	unsigned int	      udpsize;
 	uint32_t	      maxrrperset;
 	uint32_t	      maxtypepername;
+	uint16_t	      max_queries;
 	uint8_t		      max_restarts;

 	/*
@ -1335,4 +1336,17 @@ dns_view_setmaxrestarts(dns_view_t *view, uint8_t max_restarts);
 *\li	'max_restarts' is greater than 0.
 */

+void
+dns_view_setmaxqueries(dns_view_t *view, uint16_t max_queries);
+/*%
+ * Set the number of permissible outgoing queries before we give up.
+ * This defaults to 200.
+ *
+ * Requires:
+ *
+ *\li	'view' is valid;
+ *\li	'max_queries' is greater than 0.
+ */
+
+
 ISC_LANG_ENDDECLS
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@ -566,6 +566,7 @@ struct dns_resolver {
 	unsigned int query_timeout;
 	unsigned int maxdepth;
 	unsigned int maxqueries;
+	unsigned int maxquerycount;
 	isc_result_t quotaresp[2];
 	isc_stats_t *stats;
 	dns_stats_t *querystats;
--- a/lib/dns/view.c
+++ b/lib/dns/view.c
@ -2447,3 +2447,11 @@ dns_view_setmaxrestarts(dns_view_t *view, uint8_t max_restarts) {

 	view->max_restarts = max_restarts;
 }
+
+void
+dns_view_setmaxqueries(dns_view_t *view, uint16_t max_queries) {
+	REQUIRE(DNS_VIEW_VALID(view));
+	REQUIRE(max_queries > 0);
+
+	view->max_queries = max_queries;
+}
--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@ -2108,6 +2108,7 @@ static cfg_clausedef_t view_clauses[] = {
 	{ "max-ncache-ttl", &cfg_type_duration, 0 },
 	{ "max-recursion-depth", &cfg_type_uint32, 0 },
 	{ "max-recursion-queries", &cfg_type_uint32, 0 },
+	{ "max-query-count", &cfg_type_uint32, 0 },
 	{ "max-query-restarts", &cfg_type_uint32, 0 },
 	{ "max-stale-ttl", &cfg_type_duration, 0 },
 	{ "max-udp-size", &cfg_type_uint32, 0 },