diff --git a/CHANGES b/CHANGES
index 4d7b20a214..5649145251 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+4954. [func] Messages about serving of stale answers are now
+ directed to the "serve-stale" logging category.
+ Also clarified serve-stale documentation. [GL !323]
+
4953. [bug] Removed the option to build the red black tree
database without a hash table; the non-hashing
version was buggy and is not needed. [GL #184]
diff --git a/bin/named/server.c b/bin/named/server.c
index 8844cf3953..9e1aa022e8 100644
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -4093,7 +4093,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist,
obj = NULL;
result = named_config_get(maps, "max-stale-ttl", &obj);
INSIST(result == ISC_R_SUCCESS);
- max_stale_ttl = cfg_obj_asuint32(obj);
+ max_stale_ttl = ISC_MAX(cfg_obj_asuint32(obj), 1);
obj = NULL;
result = named_config_get(maps, "stale-answer-enable", &obj);
diff --git a/bin/rndc/rndc.docbook b/bin/rndc/rndc.docbook
index afda6f6e8e..ccf5f8f477 100644
--- a/bin/rndc/rndc.docbook
+++ b/bin/rndc/rndc.docbook
@@ -785,20 +785,28 @@
- serve-stale ( on | off | status | reset ) classview
+ serve-stale ( on | off | reset | status ) classview
- Enable, disable, or reset the serving of stale answers
- as configured in named.conf. Serving of stale answers
- will remain disabled across named.conf
- reloads if disabled via rndc until it is reset via rndc.
+ Enable, disable, reset, or report the current status
+ of the serving of stale answers as configured in
+ named.conf.
- Status will report whether serving of stale answers is
- currently enabled, disabled or not configured for a
- view. If serving of stale records is configured then
- the values of stale-answer-ttl and max-stale-ttl are
- reported.
+ If serving of stale answers is disabled by
+ rndc-serve-stale off, then it
+ will remain disabled even if named
+ is reloaded or reconfigured.
+ rndc serve-stale reset restores
+ the setting as configured in named.conf.
+
+
+ rndc serve-stale status will report
+ whether serving of stale answers is currently enabled,
+ disabled by the configuration, or disabled by
+ rndc. It will also report the
+ values of stale-answer-ttl and
+ max-stale-ttl.
diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml
index fdfa988275..80ce9281b1 100644
--- a/doc/arm/Bv9ARM-book.xml
+++ b/doc/arm/Bv9ARM-book.xml
@@ -5349,12 +5349,13 @@ options {
Specifies the TTL to be returned on stale answers.
The default is 1 second. The minimum allowed is
also 1 second; a value of 0 will be updated silently
- to 1 second. For stale answers to be returned,
- they must be enabled (either in the configuration file
- using stale-answer-enable or via
- rndc), and
- must be set to a
- nonzero value.
+ to 1 second.
+
+
+ For stale answers to be returned, they must be enabled,
+ either in the configuration file using
+ stale-answer-enable or via
+ rndc serve-stale on.
@@ -6098,18 +6099,28 @@ options {
stale-answer-enable
- Enable the returning of stale answers when the
- nameservers for the zone are not answering. This
- is off by default, but can be enabled/disabled via
- rndc serve-stale on and
- rndc serve-stale off, which
- override the named.conf
- setting. rndc serve-stale reset
+ Enable the returning of "stale" cached answers when
+ the nameservers for a zone are not answering. The
+ default is not to return stale answers.
+
+
+ Stale answers can also be enabled or disabled at
+ runtime via rndc serve-stale on or
+ rndc serve-stale off; these
+ override the configured setting.
+ rndc serve-stale reset
restores the setting to the one specified in
- named.conf. Note that
- reloading or reconfiguring named
- will not re-enable serving of stale records if they
- have been disabled via rndc.
+ named.conf. Note that if
+ stale answers have been disabled by rndc,
+ then they cannot be re-enabled by reloading or
+ reconfiguring named;
+ they must be re-enabled with
+ rndc serve-stale on,
+ or the server must be restarted.
+
+
+ Information about stale answers is logged under
+ the serve-stale log category.
@@ -8901,19 +8912,21 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
max-stale-ttl
- Sets the maximum time for which the server will
+ If stale answers are enabled,
+ max-stale-ttl
+ sets the maximum time for which the server will
retain records past their normal expiry to
return them as stale records when the servers
- for those records are not reachable. The default
- is to not retain the record.
+ for those records are not reachable.
+ The default is 1 week. The minimum allowed is
+ 1 second; a value of 0 will be updated silently
+ to 1 second.
- rndc serve-stale can be used
- to disable and re-enable the serving of stale
- records at runtime. Reloading or reconfiguring
- named will not re-enable serving
- of stale records if they have been disabled via
- rndc.
+ For stale answers to be returned, they must be enabled,
+ either in the configuration file using
+ stale-answer-enable or via
+ rndc serve-stale on.
diff --git a/doc/arm/logging-categories.xml b/doc/arm/logging-categories.xml
index 216ac77fab..9d3856d444 100644
--- a/doc/arm/logging-categories.xml
+++ b/doc/arm/logging-categories.xml
@@ -315,6 +315,17 @@
+
+
+ serve-stale
+
+
+
+ Whether or not a stale answer is used
+ following a resolver failure.
+
+
+ spill
diff --git a/lib/ns/include/ns/log.h b/lib/ns/include/ns/log.h
index dd81f64a5b..aab57aca09 100644
--- a/lib/ns/include/ns/log.h
+++ b/lib/ns/include/ns/log.h
@@ -28,6 +28,7 @@ LIBNS_EXTERNAL_DATA extern isc_logmodule_t ns_modules[];
#define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_categories[4])
#define NS_LOGCATEGORY_QUERY_ERRORS (&ns_categories[5])
#define NS_LOGCATEGORY_TAT (&ns_categories[6])
+#define NS_LOGCATEGORY_SERVE_STALE (&ns_categories[7])
/*
* Backwards compatibility.
diff --git a/lib/ns/log.c b/lib/ns/log.c
index 636e457bc3..0a321d15a4 100644
--- a/lib/ns/log.c
+++ b/lib/ns/log.c
@@ -34,6 +34,7 @@ LIBNS_EXTERNAL_DATA isc_logcategory_t ns_categories[] = {
{ "update-security", 0 },
{ "query-errors", 0 },
{ "trust-anchor-telemetry", 0 },
+ { "serve-stale", 0 },
{ NULL, 0 }
};
diff --git a/lib/ns/query.c b/lib/ns/query.c
index f147baa202..a656ad7099 100644
--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@@ -5493,7 +5493,7 @@ query_lookup(query_ctx_t *qctx) {
dns_name_format(qctx->client->query.qname,
namebuf, sizeof(namebuf));
- isc_log_write(ns_lctx, NS_LOGCATEGORY_GENERAL,
+ isc_log_write(ns_lctx, NS_LOGCATEGORY_SERVE_STALE,
NS_LOGMODULE_QUERY, ISC_LOG_INFO,
"%s resolver failure, stale answer %s",
namebuf, success ? "used" : "unavailable");