Le 10/09/2025 à 10:58 AM, Damien Claisse a écrit :
Current behavior is to release requester and resolution right after DNS resolution, which prevents DNS caching to happen. Instead, keep the requester and rely on "hold valid" timeout to update the resolution as expected and stream cleanup code to release structures, effectively allowing another stream resolving the same FQDN to reuse the resolution if it is still valid (the "cache"). This should be backported on all supported versions as a test version compiled from the commit introducing the cache (7264dfe) confirms it doesn't work, as the structures were already released too early. --- src/resolvers.c | 1 + 1 file changed, 1 insertion(+)diff --git a/src/resolvers.c b/src/resolvers.c index 6daee3e14..b90e665e7 100644 --- a/src/resolvers.c +++ b/src/resolvers.c @@ -3132,6 +3132,7 @@ enum act_return resolv_action_do_resolve(struct act_rule *rule, struct proxy *px smp.strm = s;vars_set_by_name(rule->arg.resolv.varname, strlen(rule->arg.resolv.varname), &smp);+ goto end; } } }
Thanks Damien. Indeed, there is an issue. But your patch does not really fix the issue because the requester is still released when the stream is released. If it is the last one, the resolution will still be released too and the cached result with it. So the only way to get a cached result on a do-resolv action is to have enough streams requesting the same FQDN in same time to always have at least one stream still alive to keep the resolution used.
Instead, I suggest to be able to keep orphan resolutions, when the last requester is a stream, and during at most the hold valid time. It means the resolver task should be responsible to clean expired orphan resolution. To do so process_resolvers() must be modified accordingly.
I will try to emit a patch soon, hoping it will be light enough to be safely backported...
-- Christopher Faulet
