Hello dnsdist community,
for those running dnsdist I'm wondering is anyone has set up cache.
If you have, I'd appreciate pointers in your strategies (and/or some
examples?).
________________________________
De : SAMI RAHAL
Envoyé : samedi 23 juillet 2022 10:29:13
À : pdns-users@mailman.powerdns.com
Objet : Re: [dnsdist] Dnsdist not reading from the cache
Hi
this is my entire configuration thank you
-- Include additional configuration
includeDirectory("/etc/dnsdist/conf.d")
setACL("0.0.0.0/0")
controlSocket("127.0.0.1")
setKey("Key")
webserver ("DnsdistIP:8083", "Password", "Key",{}, "authoroziedIP")
addLocal("DnsdistIP:53")
setLocal("0.0.0.0:53")
----------------- Backend------------------------
newServer({name="unbound",pool="resolver", address="IPresolver1", qps=2000,
order=1})
newServer({name="pdns-recursor",pool="resolver", address="IPresolver2",
order=2})
-------------------------- Begin Log ----------------------
--addAction(AllRule(), LogAction("/var/log/dnsdist.log", false, true,
false,true))
--addAction(AllRule(), LogAction("/var/log/dnsdist/dnsdist.log",true,
true,true,true,true))
--addAction(AllRule(), LogAction("/var/log/dnsdist/dnsdist.log",false, true,
false, false, true))
-------------------------------------------------------caching
-----------------------
setPoolServerPolicy(leastOutstanding, "resolver")
pc = newPacketCache(2000000, {maxTTL=43200, minTTL=0,temporaryFailureTTL=60,
staleTTL=60, dontAge=false})
getPool("resolver"):setCache(pc)
addAction(AllRule(), PoolAction("resolver"))
-----------------------------------------------Begin security rules
-------------------------
local dbr = dynBlockRulesGroup()
dbr:setQueryRate(250, 10, "Exceeded query rate", 20)
dbr:setRCodeRate(DNSRCode.NXDOMAIN, 20, 10, "Exceeded NXD rate", 60)
dbr:setRCodeRate(DNSRCode.SERVFAIL, 20, 10, "Exceeded ServFail rate", 60)
dbr:setQTypeRate(DNSQType.ANY, 5, 10, "Exceeded ANY rate", 180)
--dbr:setResponseByteRate(1000, 10, "Exceeded resp BW rate", 60)
function maintenance()
dbr:apply()
end
addAction(MaxQPSIPRule(100), DropAction())
addAction(MaxQPSIPRule(50, 24, 64), DropAction())
addAction({"nl.", "be."}, QPSAction(1))
---------------------------------------------------End security
rules--------------------------
Cordialement, Sami Rahal Service Hosting DNS et Cloud Direction Technique & SI
Siège Social TOPNET, Centre Urbain Nord Tél. :71185000 GSM :99 459 812
________________________________
De : Pdns-users <pdns-users-boun...@mailman.powerdns.com> de la part de
pdns-users-requ...@mailman.powerdns.com
<pdns-users-requ...@mailman.powerdns.com>
Envoyé : vendredi 22 juillet 2022 14:00
À : pdns-users@mailman.powerdns.com
Objet : [EXTERNE]Pdns-users Digest, Vol 234, Issue 7
ATTENTION:Cet e-mail provient d'une personne externe à TOPNET. Ne pas cliquer
sur des liens ou ouvrir des pièces jointes à moins que vous êtes absolument sûr
de l'origine de l'e-mail.
'
Send Pdns-users mailing list submissions to
pdns-users@mailman.powerdns.com
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.powerdns.com/mailman/listinfo/pdns-users
or, via email, send a message with subject or body 'help' to
pdns-users-requ...@mailman.powerdns.com
You can reach the person managing the list at
pdns-users-ow...@mailman.powerdns.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Pdns-users digest..."
Today's Topics:
1. Re: [dnsdist] Dnsdist not reading from the cache (Klaus Darilion)
----------------------------------------------------------------------
Message: 1
Date: Fri, 22 Jul 2022 12:53:51 +0200
From: Klaus Darilion <klaus.daril...@nic.at>
To: Jacob Bunk Nielsen <j...@one.com> ,
"pdns-users@mailman.powerdns.com" <pdns-users@mailman.powerdns.com>
Subject: Re: [Pdns-users] [dnsdist] Dnsdist not reading from the cache
Message-ID: <d9adee25407c4b9da740af015e124...@nic.at>
Content-Type: text/plain; charset="us-ascii"
In old dnsdist versions the chache was per "cookie". So make sure to test with
DNS cookies.
regards
Klaus
Von: dnsdist <dnsdist-boun...@mailman.powerdns.com> Im Auftrag von Jacob Bunk
Nielsen via dnsdist
Gesendet: Freitag, 22. Juli 2022 12:28
An: dnsd...@mailman.powerdns.com
Betreff: Re: [dnsdist] Dnsdist not reading from the cache
On 22/07/2022 12.11, SAMI RAHAL via dnsdist wrote:
Hello dnsdist community,
The dnsdist cache does not work
Version: dnsdist 1.7.0 (Lua 5.1.4 [LuaJIT 2.0.4])
here is my configuration:
setPoolServerPolicy(leastOutstanding, "cacheTestiong")
test_pc = newPacketCache(2000000, {maxTTL=43200,
minTTL=0,temporaryFailureTTL=60, staleTTL=60, dontAge=false})
getPool("cacheTestiong"):setCache(test_pc)
addAction(AllRule(), PoolAction("cacheTestiong"))
Are you certain that this is your entire configuration? I'm guessing it's not.
Best regards,
Jacob
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mailman.powerdns.com/pipermail/pdns-users/attachments/20220722/3e805195/attachment-0001.htm>
------------------------------
Subject: Digest Footer
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
------------------------------
End of Pdns-users Digest, Vol 234, Issue 7
******************************************
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
