Hi Cristoph,

On 7/6/19 9:39 PM, Christoph wrote:
> we run a small DoH server using dnsdist
> and are observing an almost linear growth
> of dnsdist's file descriptor usage
> (initially about ~1k/day now down to ~500/day)
> Is this expected behavior?

No, it's not. Would you be able to issue a lsof -n -p <pid of the
dnsdist process>? If you don't want to shared the whole output, for
example because of the IP addresses listed in there, can you at least
confirm that most of the file descriptors are incoming TCP sockets from
clients to the DoH port? It could also be TCP connections from dnsdist
to your backend but we do clean these up regularly.

I wonder if that might be related to [1], which fixes an issue with
timeouts. Would you be willing to test it? We can provide packages if

> What will happen when it hits the limit
> of 16k?

We might refuse new TCP connections, or if we fail to properly handle a
case you might see dnsdist restarting after an unhandled exception.

[1]: https://github.com/PowerDNS/pdns/pull/7927

Best regards,
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

Attachment: signature.asc
Description: OpenPGP digital signature

dnsdist mailing list

Reply via email to