Re: [Dnsmasq-discuss] [PATCH 2/2] Add D-Bus methods to add or remove a lease from the internal database.
Long delay, I've returned to this. The many parameters seem a bit ugly (I'm no Dbus expert, so I may be wrong), especially having to includes is_temporary and IAID in DHCPv4 leases. One solution to this might be to have seperate AddDhcp4Lease and AddDhcp6Lease methods. Another option may be to remove the is_temporary flag and only allow non-temporary leases to be created this way. Temporary leases are for random addresses (like privacy addresses in SLAAC) so there may be no need to be able to create them via this route. Final suggestion, which is more radical: just have one argument, which is a string, and looks like a line in the leases file. It would be easy to pass that to the parsing code in src/lease.c, saving much code. Scripting may be easier too. A request, would it be possible to have suitable updates to dbus/DBus-interface in the patch, whatever scheme is finally done? Cheers, Simon. On 29/04/15 12:17, Nicolas Cavallari wrote: On 28/04/2015 22:58, Simon Kelley wrote: On 27/04/15 12:53, Nicolas Cavallari wrote: AddDhcpLease can be used to add or update a lease in the internal database, while DeleteDhcpLease deletes a lease. I can see the utility of DeleteDhcpLease (there's already a hacky little utility that does the same thing by faking a DHCPRELEASE message) . But what is the use of AddDhcpLease? Several people on the mailing list have expressed the need for it. My use-case is a bit similar to the first one: http://article.gmane.org/gmane.network.dns.dnsmasq.general/7697 http://article.gmane.org/gmane.network.dns.dnsmasq.general/9310 http://article.gmane.org/gmane.network.dns.dnsmasq.general/1300 http://article.gmane.org/gmane.network.dns.dnsmasq.general/5336 ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Kind request regarding Dnsmasq's Dns response auto caching feature not working
Hi All, Still unable to solve the Dnsmasq Cache Down problem, anything I am very fundamentally missing in cache configuration for DNS response traffic in Dnsmasq, when remote queries hit at vEth0 interface via 172.23.23.13 IPv4 address from tun0 tunnel interface at 10.20.0.1, where DNS server is running at remotely at 172.23.23.10#53. When nameserver 127.0.0.1 were added in only locally generated Dns traffic, Dnsmasq Cache works correctly and some cache were updated, but in case of remotely generated traffic, which arrived at vEth0 interface from tun0, Dnsmasq not working on any DNS Response traffic consistently, logs confirms it. Any tips/tricks on Dnsmasq Dns Cache working setup would be very very helpful. Thanks Regards, Joy *dnsmasq: cache size 300, 0/0 cache insertions re-used unexpired cache entries.* *dnsmasq: queries forwarded 0, queries answered locally 0* /etc/dnsmasq.conf 561 log-facility=/var/log/dnsmasq.log 562 log-queries 563 log-dhcp 564 no-daemon 565 interface=vEth0 566 interface=tun0 567 bind-interfaces 568 all-servers 569 cache-size=300 570 neg-ttl=3600 571 local-ttl=3600 572 server=/firepitdoc.app.jayapadhi.com/10.60.70.191 573 interface-name=firepitdoc.app.jayapadhi.com,vEth0/4 574 user=root 575 group=root 576 577 server=10.25.25.2 578 server= 172.23.23.10 579 addn-hosts=/etc/dnsmasq.hosts 580 listen-address=172.23.23.13 581 listen-address=10.20.0.1 root@cfae:/var/log# cat /etc/dnsmasq.hosts 10.60.70.190 blrfirepit.app.jayapadhi.com root@cfae:/var/log# cat /etc/resolv.conf domain jayapadhi.com search jayapadhi.com nameserver 10.25.25.2 root@cfae:/var/log# cat /etc/host host.confhostname hostshosts.allow hosts.deny root@cfae:/var/log# cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 xyz # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters /var/log/dnsmasq.log root@cfae:/var/log# /etc/init.d/dnsmasq restart * Restarting DNS forwarder and DHCP server dnsmasq dnsmasq: started, version 2.59 cachesize 300 dnsmasq: compile time options: IPv6 GNU-getopt DBus i18n DHCP TFTP conntrack IDN dnsmasq: using nameserver 172.23.23.10#53 dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 10.60.70.191#53 for domain firepitdoc.app.jayapadhi.com dnsmasq: reading /etc/resolv.conf dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 172.23.23.10#53 dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 10.60.70.191#53 for domain firepitdoc.app.jayapadhi.com dnsmasq: read /etc/hosts - 7 addresses dnsmasq: read /etc/dnsmasq.hosts - 1 addresses User defined signal 1 root@cfae:/var/log# root@cfae:/var/log# root@cfae:/var/log# dnsmasq: reading /etc/resolv.conf dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 172.23.23.10#53 dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 10.60.70.191#53 for domain firepitdoc.app.jayapadhi.com dnsmasq: time 1433431170 *dnsmasq: cache size 300, 0/0 cache insertions re-used unexpired cache entries.* *dnsmasq: queries forwarded 0, queries answered locally 0* dnsmasq: server 10.60.70.191#53: queries sent 0, retried or failed 0 dnsmasq: server 10.25.25.2#53: queries sent 0, retried or failed 0 dnsmasq: server 172.23.23.10#53: queries sent 0, retried or failed 0 dnsmasq: Host Address Flags Expires dnsmasq: ip6-loopback ::1 6F I H dnsmasq: pep 127.0.1.1 4FRI H dnsmasq: blrfirepit.app.jayapadhi.com 10.60.70.190 4FRI H dnsmasq: ip6-mcastprefix ff00:: 6FRI H dnsmasq: ip6-allrouters ff02::2 6FRI H dnsmasq: ip6-localhost::1 6FRI H dnsmasq: localhost127.0.0.1 4FRI H dnsmasq: ip6-allnodes ff02::1 6FRI H dnsmasq: ip6-localnet fe00:: 6FRI H root@cfae:/var/log# iptables-save # Generated by iptables-save v1.4.12 on Thu Jun 4 11:27:21 2015 *raw :PREROUTING ACCEPT [58811:9140569] :OUTPUT ACCEPT [32414:8911344] -A PREROUTING -i eth2 -j CT --notrack -A PREROUTING -i vEth1 -j CT --notrack -A PREROUTING -i eth3 -j CT --notrack -A PREROUTING -i lo -j CT --notrack -A OUTPUT -o eth2 -j CT --notrack -A OUTPUT -o vEth1 -j CT --notrack -A OUTPUT -o eth3 -j CT --notrack -A OUTPUT -o lo -j CT --notrack COMMIT # Completed on Thu Jun 4 11:27:21 2015 # Generated by iptables-save v1.4.12 on Thu Jun 4 11:27:21 2015 *nat :PREROUTING ACCEPT [2010:128170] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [102:7604] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -o vEth0 -j MASQUERADE COMMIT # Completed on Thu Jun 4
[Dnsmasq-discuss] dnsmasq does not answer dhcp requests
Hi everybody, although I am apparently not the only one with problems like these. Still, I have not found a solution by looking through the list - that's why I am posting this mail. Sorry, if I should have overseen any important hint - feel free to point me to the right direction... So, here is my issue: I have set up my (Debian based) Kali system (Linux kali 3.18.0-kali3-amd64 #1 SMP Debian 3.18.6-1~kali2 (2015-03-02) x86_64 GNU/Linux) to provide a wireless access point with hostapd (v1.0). To provide clients with IP addresses, I am using dnsmasq (version 2.62). The configured SSID gets advertised and when I connect to it (e.g. with my smartphone) the device will be briefly authenticated and immediately deauthenticated. tail -f /var/log/syslog Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: authenticated Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: associated (aid 1) Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 RADIUS: starting accounting session 556F807A- Jun 3 18:33:06 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: disassociated Jun 3 18:33:07 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: deauthenticated due to inactivity Apparently this deauthentication is due to the device not getting an IP address via DHCP. When I look for network traffic on the wifi interface, I will see the DHCP requests: # tcpdump -i wlan1 ip tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on wlan1, link-type EN10MB (Ethernet), capture size 65535 bytes 18:33:04.694155 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 18:33:04.694254 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 18:33:06.172565 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 18:33:06.172641 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 In the dnsmasq log I can see the corresponding requests: # tail -f /var/log/dnsmasq.log Jun 3 17:57:59 dnsmasq[11398]: exiting on receipt of SIGTERM Jun 3 17:58:01 dnsmasq[11511]: started, version 2.62 cachesize 150 Jun 3 17:58:01 dnsmasq[11511]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack Jun 3 17:58:01 dnsmasq[11511]: warning: no upstream servers configured Jun 3 17:58:01 dnsmasq-dhcp[11511]: DHCP, IP range 10.0.0.10 -- 10.0.0.250, lease time 12h Jun 3 17:58:01 dnsmasq[11511]: read /etc/hosts - 5 addresses Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 available DHCP range: 10.0.0.10 -- 10.0.0.250 Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 available DHCP range: 10.0.0.10 -- 10.0.0.250 Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC So, the DHCP requests apparently reach the dnsmasq daemon - however this guy is not responding in any way. But why??? Here is my dnsmasq config: # cat /etc/dnsmasq.conf log-facility=/var/log/dnsmasq.log interface=wlan1 dhcp-range=10.0.0.10,10.0.0.250,12h dhcp-option=1,255.255.255.0 dhcp-option=3,10.0.0.1 dhcp-option=6,10.0.0.1 log-queries log-dhcp iptables is configured to forward traffic from the wifi interface to eth0, but has no other restrictions: # iptables -L -v Chain INPUT (policy ACCEPT 6784 packets, 9546K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- wlan1 eth0anywhere anywhere Chain OUTPUT (policy ACCEPT 6900 packets, 923K bytes) pkts bytes target prot opt in out source destination Is there any way to get more debugging information? Or does anybody on this list have a solution to this strange behaviour? Any help is greatly appreciated! Regards, Tom ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq does not answer dhcp requests
Hi Tom, Le Thu, 4 Jun 2015 07:26:55 -0400, Tom Tomson nobol...@gmail.com a écrit : Hi everybody, although I am apparently not the only one with problems like these. Still, I have not found a solution by looking through the list - that's why I am posting this mail. Sorry, if I should have overseen any important hint - feel free to point me to the right direction... So, here is my issue: I have set up my (Debian based) Kali system (Linux kali 3.18.0-kali3-amd64 #1 SMP Debian 3.18.6-1~kali2 (2015-03-02) x86_64 GNU/Linux) to provide a wireless access point with hostapd (v1.0). To provide clients with IP addresses, I am using dnsmasq (version 2.62). The configured SSID gets advertised and when I connect to it (e.g. with my smartphone) the device will be briefly authenticated and immediately deauthenticated. tail -f /var/log/syslog Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: authenticated Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: associated (aid 1) Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 RADIUS: starting accounting session 556F807A- Jun 3 18:33:06 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: disassociated Jun 3 18:33:07 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: deauthenticated due to inactivity Apparently this deauthentication is due to the device not getting an IP address via DHCP. When I look for network traffic on the wifi interface, I will see the DHCP requests: # tcpdump -i wlan1 ip tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on wlan1, link-type EN10MB (Ethernet), capture size 65535 bytes 18:33:04.694155 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 18:33:04.694254 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 18:33:06.172565 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 18:33:06.172641 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP, Request from d8:96:95:27:30:b4 (oui Unknown), length 300 In the dnsmasq log I can see the corresponding requests: # tail -f /var/log/dnsmasq.log Jun 3 17:57:59 dnsmasq[11398]: exiting on receipt of SIGTERM Jun 3 17:58:01 dnsmasq[11511]: started, version 2.62 cachesize 150 Jun 3 17:58:01 dnsmasq[11511]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack Jun 3 17:58:01 dnsmasq[11511]: warning: no upstream servers configured Jun 3 17:58:01 dnsmasq-dhcp[11511]: DHCP, IP range 10.0.0.10 -- 10.0.0.250, lease time 12h Jun 3 17:58:01 dnsmasq[11511]: read /etc/hosts - 5 addresses Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 available DHCP range: 10.0.0.10 -- 10.0.0.250 Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 available DHCP range: 10.0.0.10 -- 10.0.0.250 Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC So, the DHCP requests apparently reach the dnsmasq daemon - however this guy is not responding in any way. But why??? Here is my dnsmasq config: # cat /etc/dnsmasq.conf log-facility=/var/log/dnsmasq.log interface=wlan1 dhcp-range=10.0.0.10,10.0.0.250,12h dhcp-option=1,255.255.255.0 dhcp-option=3,10.0.0.1 dhcp-option=6,10.0.0.1 log-queries log-dhcp What are the configurations of the wlan1 and eth0 interfaces ? iptables is configured to forward traffic from the wifi interface to eth0, but has no other restrictions: This does not forward traffic from the wifi interface to eth0, this just forwards anything (policy is ACCEPT); the wlan1/eth0 specific line does nothing. Besides, what is the point of forwarding traffic from wlan1 to eth0? Either packets incoming on wlan1 all have a destination IP in the subnet where eth0 belongs, and the kernel will route them anyway, r they have a destination outside the eth0 subnet, and they should not be routed to eth0. # iptables -L -v Chain INPUT (policy ACCEPT 6784 packets, 9546K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- wlan1 eth0anywhere anywhere Chain OUTPUT (policy ACCEPT 6900 packets, 923K bytes) pkts bytes target prot opt in out source destination Is there any way to get more debugging information? Or does anybody on this list have a solution to this strange behaviour? Any help is greatly appreciated! Regards, Tom Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Kind request regarding Dnsmasq's Dns response auto caching feature not working
Hi All, A small correction on the latest setting without any success till now: /etc/dnsmasq.conf log-facility=/var/log/dnsmasq.log log-queries log-dhcp no-daemon interface=vEth0 interface=tun0 bind-interfaces all-servers cache-size=300 neg-ttl=3600 local-ttl=3600 server=/firepitdoc.app.jayapadhi.com/172.23.23.10 #interface-name=firepitdoc.app.jayapadhi.com,vEth0/4 user=root group=root server=172.23.23.10 server=10.25.25.2 addn-hosts=/etc/dnsmasq.hosts listen-address=172.23.23.13 listen-address=10.20.0.1 /etc/dnsmasq.hosts 10.60.70.191 firepitdoc.app.jayapadhi.com root@cfae:~# ps aux | grep dnsmasq root 29658 0.0 0.0 21656 1660 pts/3S+ 12:13 0:00 vi /etc/dnsmasq.conf root 29754 0.0 0.0 4404 760 pts/0S+ 12:14 0:00 /bin/sh /etc/init.d/dnsmasq restart root 29770 0.0 0.0 27544 1488 pts/0S+ 12:14 0:00 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -i vEth0 -2 vEth0 -r /var/run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new root 29779 0.0 0.0 8080 616 pts/4S+ 12:14 0:00 grep --color=auto dnsmasq root@cfae:~# sudo tcpdump -s 0 -l -n port 53 12:15:08.208820 IP 172.23.23.13.60659 172.23.23.10.53: 62705+ A? firepitdoc.app.jayapadhi.com. (46) 12:15:08.211889 IP 172.23.23.10.53 172.23.23.13.60659: 62705* 1/0/0 A 10.60.70.191 (62) 12:20:55.462247 IP 172.23.23.13.59571 172.23.23.10.53: 24925+ A? firepitdoc.app.jayapadhi.com. (46) 12:20:55.463651 IP 172.23.23.10.53 172.23.23.13.59571: 24925* 1/0/0 A 10.60.70.191 (62) Any tips/tricks on Dnsmasq Dns Cache working setup would be very very helpful. Thanks Regards, JGhosh On Thu, Jun 4, 2015 at 4:22 PM, Joyabrata Ghosh joy.car...@gmail.com wrote: Hi All, Still unable to solve the Dnsmasq Cache Down problem, anything I am very fundamentally missing in cache configuration for DNS response traffic in Dnsmasq, when remote queries hit at vEth0 interface via 172.23.23.13 IPv4 address from tun0 tunnel interface at 10.20.0.1, where DNS server is running at remotely at 172.23.23.10#53. When nameserver 127.0.0.1 were added in only locally generated Dns traffic, Dnsmasq Cache works correctly and some cache were updated, but in case of remotely generated traffic, which arrived at vEth0 interface from tun0, Dnsmasq not working on any DNS Response traffic consistently, logs confirms it. Any tips/tricks on Dnsmasq Dns Cache working setup would be very very helpful. Thanks Regards, Joy *dnsmasq: cache size 300, 0/0 cache insertions re-used unexpired cache entries.* *dnsmasq: queries forwarded 0, queries answered locally 0* /etc/dnsmasq.conf 561 log-facility=/var/log/dnsmasq.log 562 log-queries 563 log-dhcp 564 no-daemon 565 interface=vEth0 566 interface=tun0 567 bind-interfaces 568 all-servers 569 cache-size=300 570 neg-ttl=3600 571 local-ttl=3600 572 server=/firepitdoc.app.jayapadhi.com/10.60.70.191 573 interface-name=firepitdoc.app.jayapadhi.com,vEth0/4 574 user=root 575 group=root 576 577 server=10.25.25.2 578 server= 172.23.23.10 579 addn-hosts=/etc/dnsmasq.hosts 580 listen-address=172.23.23.13 581 listen-address=10.20.0.1 root@cfae:/var/log# cat /etc/dnsmasq.hosts 10.60.70.190 blrfirepit.app.jayapadhi.com root@cfae:/var/log# cat /etc/resolv.conf domain jayapadhi.com search jayapadhi.com nameserver 10.25.25.2 root@cfae:/var/log# cat /etc/host host.confhostname hostshosts.allow hosts.deny root@cfae:/var/log# cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 xyz # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters /var/log/dnsmasq.log root@cfae:/var/log# /etc/init.d/dnsmasq restart * Restarting DNS forwarder and DHCP server dnsmasq dnsmasq: started, version 2.59 cachesize 300 dnsmasq: compile time options: IPv6 GNU-getopt DBus i18n DHCP TFTP conntrack IDN dnsmasq: using nameserver 172.23.23.10#53 dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 10.60.70.191#53 for domain firepitdoc.app.jayapadhi.com dnsmasq: reading /etc/resolv.conf dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 172.23.23.10#53 dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 10.60.70.191#53 for domain firepitdoc.app.jayapadhi.com dnsmasq: read /etc/hosts - 7 addresses dnsmasq: read /etc/dnsmasq.hosts - 1 addresses User defined signal 1 root@cfae:/var/log# root@cfae:/var/log# root@cfae:/var/log# dnsmasq: reading /etc/resolv.conf dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 172.23.23.10#53 dnsmasq: using nameserver 10.25.25.2#53 dnsmasq: using nameserver 10.60.70.191#53 for domain firepitdoc.app.jayapadhi.com dnsmasq: time 1433431170 *dnsmasq: cache size
