mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 22:45:39 +00:00
Code Issues Releases Wiki Activity

[master] adjust max-recursion-queries

Browse Source 
4021.	[bug]		Adjust max-recursion-queries to accommodate
			the need for more queries when the cache is
			empty. [RT #38104]
This commit is contained in:
Evan Hunt
2014-12-15 22:28:06 -08:00
parent 132410d33f
commit be7fba8019
7 changed files with 40 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -1,3 +1,7 @@
4021. [bug] Adjust max-recursion-queries to accommodate
the need for more queries when the cache is
empty. [RT #38104]
4020. [bug] Change 3736 broke nsupdate's SOA MNAME discovery 4020. [bug] Change 3736 broke nsupdate's SOA MNAME discovery
resulting in updates being sent to the wrong server. resulting in updates being sent to the wrong server.
[RT #37925] [RT #37925]

2
bin/named/config.c
View File

@@ -175,7 +175,7 @@ options {\n\
clients-per-query 10;\n\ clients-per-query 10;\n\
max-clients-per-query 100;\n\ max-clients-per-query 100;\n\
max-recursion-depth 7;\n\ max-recursion-depth 7;\n\
max-recursion-queries 50;\n\ max-recursion-queries 75;\n\
zero-no-soa-ttl-cache no;\n\ zero-no-soa-ttl-cache no;\n\
nsec3-test-zone no;\n\ nsec3-test-zone no;\n\
allow-new-zones no;\n\ allow-new-zones no;\n\

1
bin/tests/system/reclimit/ns3/named3.conf
View File

@@ -27,6 +27,7 @@ options {
listen-on-v6 { none; }; listen-on-v6 { none; };
servfail-ttl 0; servfail-ttl 0;
max-recursion-depth 100; max-recursion-depth 100;
max-recursion-queries 50;
}; };
key rndc_key { key rndc_key {

6
doc/arm/Bv9ARM-book.xml
View File

@@ -9123,8 +9123,10 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
Sets the maximum number of iterative queries that Sets the maximum number of iterative queries that
may be sent while servicing a recursive query. may be sent while servicing a recursive query.
If more queries are sent, the recursive query If more queries are sent, the recursive query
is terminated and returns SERVFAIL. The default is terminated and returns SERVFAIL. Queries to
is 50. look up top level comains such as "com" and "net"
and the DNS root zone are exempt from this limitation.
The default is 75.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>

7
doc/arm/notes.xml
View File

@@ -423,6 +423,13 @@
rather than the SOA MNAME server when sending the UPDATE. rather than the SOA MNAME server when sending the UPDATE.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Adjusted max-recursion-queries to accommodate the smaller
initial packet sizes used in BIND 9.10 and higher when
contacting authoritative servers for the first time.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</sect2> </sect2>
<sect2 id="end_of_life"> <sect2 id="end_of_life">

4
lib/dns/adb.c
View File

@@ -3893,11 +3893,11 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) {
goto out; goto out;
/* XXXMLG Don't pound on bad servers. */ /* XXXMLG Don't pound on bad servers. */
if (address_type == DNS_ADBFIND_INET) { if (address_type == DNS_ADBFIND_INET) {
name->expire_v4 = ISC_MIN(name->expire_v4, now + 300); name->expire_v4 = ISC_MIN(name->expire_v4, now + 10);
name->fetch_err = FIND_ERR_FAILURE; name->fetch_err = FIND_ERR_FAILURE;
inc_stats(adb, dns_resstatscounter_gluefetchv4fail); inc_stats(adb, dns_resstatscounter_gluefetchv4fail);
} else { } else {
name->expire_v6 = ISC_MIN(name->expire_v6, now + 300); name->expire_v6 = ISC_MIN(name->expire_v6, now + 10);
name->fetch6_err = FIND_ERR_FAILURE; name->fetch6_err = FIND_ERR_FAILURE;
inc_stats(adb, dns_resstatscounter_gluefetchv6fail); inc_stats(adb, dns_resstatscounter_gluefetchv6fail);
} }

30
lib/dns/resolver.c
View File

@@ -164,7 +164,7 @@
/* The default maximum number of iterative queries to allow before giving up. */ /* The default maximum number of iterative queries to allow before giving up. */
#ifndef DEFAULT_MAX_QUERIES #ifndef DEFAULT_MAX_QUERIES
#define DEFAULT_MAX_QUERIES 50 #define DEFAULT_MAX_QUERIES 75
#endif #endif
/*% /*%
@@ -3416,6 +3416,16 @@ fctx_try(fetchctx_t *fctx, isc_boolean_t retrying, isc_boolean_t badcache) {
REQUIRE(!ADDRWAIT(fctx)); REQUIRE(!ADDRWAIT(fctx));
/* We've already exceeded maximum query count */
if (isc_counter_used(fctx->qc) > fctx->res->maxqueries) {
isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER,
DNS_LOGMODULE_RESOLVER, ISC_LOG_DEBUG(3),
"exceeded max queries resolving '%s'",
fctx->info);
fctx_done(fctx, DNS_R_SERVFAIL, __LINE__);
return;
}
addrinfo = fctx_nextaddress(fctx); addrinfo = fctx_nextaddress(fctx);
if (addrinfo == NULL) { if (addrinfo == NULL) {
/* /*
@@ -3453,14 +3463,16 @@ fctx_try(fetchctx_t *fctx, isc_boolean_t retrying, isc_boolean_t badcache) {
} }
} }
result = isc_counter_increment(fctx->qc); if (dns_name_countlabels(&fctx->domain) > 2) {
if (result != ISC_R_SUCCESS) { result = isc_counter_increment(fctx->qc);
isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER, if (result != ISC_R_SUCCESS) {
DNS_LOGMODULE_RESOLVER, ISC_LOG_DEBUG(3), isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER,
"exceeded max queries resolving '%s'", DNS_LOGMODULE_RESOLVER, ISC_LOG_DEBUG(3),
fctx->info); "exceeded max queries resolving '%s'",
fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); fctx->info);
return; fctx_done(fctx, DNS_R_SERVFAIL, __LINE__);
return;
}
} }
result = fctx_query(fctx, addrinfo, fctx->options); result = fctx_query(fctx, addrinfo, fctx->options);