From: Remi Gacogne Date: Tue, 1 Aug 2017 16:29:41 +0000 (+0200) Subject: dnsdist: Add console completion and docs for the new additions: X-Git-Tag: rec-4.1.0-rc1~22^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4bc167b82a932163d897045f52116003845c560a;p=pdns dnsdist: Add console completion and docs for the new additions: * CPU pinning * Cache sharding / deferred locking * `recvmmsg()` use
---
diff --git a/pdns/dnsdist-console.cc b/pdns/dnsdist-console.cc
index 04e796322..423e90bd1 100644
--- a/pdns/dnsdist-console.cc
+++ b/pdns/dnsdist-console.cc
@@ -276,11 +276,11 @@ const std::vector g_consoleKeywords{
 { "addAnyTCRule", true, "", "(deprecated) generate TC=1 answers to ANY queries received over UDP, moving them to TCP" },
 { "addDelay", true, "domain, n", "(deprecated) delay answers within that domain by n milliseconds" },
 { "addDisableValidationRule", true, "DNS rule", "(deprecated) set the CD flags to 1 for all queries matching the specified domain" },
- { "addDNSCryptBind", true, "\"127.0.0.1:8443\", \"provider name\", \"/path/to/resolver.cert\", \"/path/to/resolver.key\", {reusePort=false, tcpFastOpenSize=0, interface=\"\"}", "listen to incoming DNSCrypt queries on 127.0.0.1 port 8443, with a provider name of `provider name`, using a resolver certificate and associated key stored respectively in the `resolver.cert` and `resolver.key` files. The fifth optional parameter is a table of parameters" },
+ { "addDNSCryptBind", true, "\"127.0.0.1:8443\", \"provider name\", \"/path/to/resolver.cert\", \"/path/to/resolver.key\", {reusePort=false, tcpFastOpenSize=0, interface=\"\", cpus={}}", "listen to incoming DNSCrypt queries on 127.0.0.1 port 8443, with a provider name of `provider name`, using a resolver certificate and associated key stored respectively in the `resolver.cert` and `resolver.key` files. The fifth optional parameter is a table of parameters" },
 { "addDomainBlock", true, "domain", "(deprecated) block queries within this domain" },
 { "addDomainSpoof", true, "domain, ip[, ip6]", "(deprecated) generate answers for A/AAAA/ANY queries using the ip parameters" },
 { "addDynBlocks", true, "addresses, message[, seconds[, action]]", "block the set of addresses with message `msg`, for `seconds` seconds (10 by default), applying `action` (default to the one set with `setDynBlocksAction()`)" },
- { "addLocal", true, "addr [, {doTCP=true, reusePort=false, tcpFastOpenSize=0, interface=\"\"}]", "add `addr` to the list of addresses we listen on" },
+ { "addLocal", true, "addr [, {doTCP=true, reusePort=false, tcpFastOpenSize=0, interface=\"\", cpus={}}]", "add `addr` to the list of addresses we listen on" },
 { "addLuaAction", true, "x, func", "where 'x' is all the combinations from `addAction`, and func is a function with the parameter `dq`, which returns an action to be taken on this packet. Good for rare packets but where you want to do a lot of processing" },
 { "addLuaResponseAction", true, "x, func", "where 'x' is all the combinations from `addAction`, and func is a function with the parameter `dr`, which returns an action to be taken on this response packet. Good for rare packets but where you want to do a lot of processing" },
 { "addNoRecurseRule", true, "domain", "(deprecated) clear the RD flag for all queries matching the specified domain" },
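Review bot: The `cpus={}` option is advertised unconditionally in the `addDNSCryptBind` and `addLocal` synopses here, and again in `setLocal` in the third hunk, while the config.rst text in this same commit says it is only available when the OS provides pthread_setaffinity_np(). An operator reading the console help on a platform without that function gets no hint why pinning a listener is unavailable. I would carry the caveat into the help text, for example by ending the `addLocal` description with `The cpus option requires pthread_setaffinity_np() support`. How an unsupported `cpus` table is handled is not visible in this diff, so that behaviour should be confirmed before wording the caveat.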
@@ -332,7 +332,7 @@ const std::vector g_consoleKeywords{
 { "mvResponseRule", true, "from, to", "move response rule 'from' to a position where it is in front of 'to'. 'to' can be one larger than the largest rule" },
 { "mvRule", true, "from, to", "move rule 'from' to a position where it is in front of 'to'. 'to' can be one larger than the largest rule, in which case the rule will be moved to the last position" },
 { "newDNSName", true, "name", "make a DNSName based on this .-terminated name" },
- { "newPacketCache", true, "maxEntries[, maxTTL=86400, minTTL=0, temporaryFailureTTL=60, staleTTL=60, dontAge=false]", "return a new Packet Cache" },
+ { "newPacketCache", true, "maxEntries[, maxTTL=86400, minTTL=0, temporaryFailureTTL=60, staleTTL=60, dontAge=false, numberOfShards=1, deferrableInsertLock=true]", "return a new Packet Cache" },
 { "newQPSLimiter", true, "rate, burst", "configure a QPS limiter with that rate and that burst capacity" },
 { "newRemoteLogger", true, "address:port [, timeout=2, maxQueuedEntries=100, reconnectWaitTime=1]", "create a Remote Logger object, to use with `RemoteLogAction()` and `RemoteLogResponseAction()`" },
 { "newRuleAction", true, "DNS rule, DNS action", "return a pair of DNS Rule and DNS Action, to be used with `setRules()`" },
@@ -366,7 +366,7 @@ const std::vector g_consoleKeywords{
 { "setECSSourcePrefixV4", true, "prefix-length", "the EDNS Client Subnet prefix-length used for IPv4 queries" },
 { "setECSSourcePrefixV6", true, "prefix-length", "the EDNS Client Subnet prefix-length used for IPv6 queries" },
 { "setKey", true, "key", "set access key to that key" },
- { "setLocal", true, "addr [, {doTCP=true, reusePort=false, tcpFastOpenSize=0, interface=\"\"}]", "reset the list of addresses we listen on to this address" },
+ { "setLocal", true, "addr [, {doTCP=true, reusePort=false, tcpFastOpenSize=0, interface=\"\", cpus={}}]", "reset the list of addresses we listen on to this address" },
 { "setMaxTCPClientThreads", true, "n", "set the maximum of TCP client threads, handling TCP connections" },
 { "setMaxTCPConnectionDuration", true, "n", "set the maximum duration of an incoming TCP connection, in seconds. 0 means unlimited" },
 { "setMaxTCPConnectionsPerClient", true, "n", "set the maximum number of TCP connections per client. 0 means unlimited" },
diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst
index a8eae8e6a..ebfdd8255 100644
--- a/pdns/dnsdistdist/docs/reference/config.rst
+++ b/pdns/dnsdistdist/docs/reference/config.rst
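Review bot: None of the three hunks for dnsdist-console.cc adds a `setUDPMultipleMessagesVectorSize` entry to g_consoleKeywords, although the commit message lists `recvmmsg()` use among the additions and tuning.rst documents that function. This hunk covers only part of the `set*` keywords, so the entry may already exist further down the table; if it does not, console completion and help for the new setting are missing. A line such as `{ "setUDPMultipleMessagesVectorSize", true, "n", "set the maximum number of UDP messages to accept in a single recvmmsg() call" },` would match the surrounding entries.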
@@ -58,8 +58,9 @@ Listen Sockets * ``doTCP=true``: bool - Also bind on TCP on ``address``. * ``reusePort=false``: bool - Set the ``SO_REUSEPORT`` socket option. - * ``tcpFastOpenSize=0``: int - Set the TCP Fast Open queue size, enabling TCP Fast Open when available and the value is larger than 0 - * ``interface=""``: str - Sets the network interface to use + * ``tcpFastOpenSize=0``: int - Set the TCP Fast Open queue size, enabling TCP Fast Open when available and the value is larger than 0. + * ``interface=""``: str - Set the network interface to use. + * ``cpus={}``: table - Set the CPU affinity for this listener thread, asking the scheduler to run it on a single CPU id, or a set of CPU ids. This parameter is only available if the OS provides the pthread_setaffinity_np() function. .. code-block:: lua @@ -397,7 +398,10 @@ PacketCache A Pool can have a packet cache to answer queries directly in stead of going to the backend. See :doc:`../guides/cache` for a how to. -.. function:: newPacketCache(maxEntries[, maxTTL=86400[, minTTL=0[, temporaryFailureTTL=60[, staleTTL=60[, dontAge=false]]]]]) -> PacketCache +.. function:: newPacketCache(maxEntries[, maxTTL=86400[, minTTL=0[, temporaryFailureTTL=60[, staleTTL=60[, dontAge=false[, numberOfShards=1[, deferrableInsertLock=true]]]]]]]) -> PacketCache + + .. versionchanged:: 1.2.0 + ``numberOfShard`` and ``deferrableInsertLock`` parameters added. Creates a new :class:`PacketCache` with the settings specified. 
@@ -406,7 +410,9 @@ See :doc:`../guides/cache` for a how to. :param int minTTL: Don't cache entries with a TTL lower than this :param int temporaryFailureTTL: On a SERVFAIL or REFUSED from the backend, cache for this amount of seconds :param int staleTTL: When the backend servers are not reachable, send responses if the cache entry is expired at most this amount of seconds - :param bool dontAge: Don't reduce TTLs when serving from the cache. use this when :program:`dnsdist` fronts a cluster of authoritative servers + :param bool dontAge: Don't reduce TTLs when serving from the cache. Use this when :program:`dnsdist` fronts a cluster of authoritative servers + :param int numberOfShards: Number of shards to divide the cache into, to reduce lock contention + :param bool deferrableInsertLock: Whether the cache should give up insertion if the lock is held by another thread, or simply wait to get the lock .. class:: PacketCache diff --git a/pdns/dnsdistdist/docs/reference/dnscrypt.rst b/pdns/dnsdistdist/docs/reference/dnscrypt.rst index 84133e248..a906364fc 100644 --- a/pdns/dnsdistdist/docs/reference/dnscrypt.rst +++ b/pdns/dnsdistdist/docs/reference/dnscrypt.rst @@ -17,6 +17,7 @@ DNSCrypt objects and functions * ``reusePort=false``: bool - Set the ``SO_REUSEPORT`` socket option. * ``tcpFastOpenSize=0``: int - Set the TCP Fast Open queue size, enabling TCP Fast Open when available and the value is larger than 0 * ``interface=""``: str - Sets the network interface to use + * ``cpus={}``: table - Set the CPU affinity for this listener thread, asking the scheduler to run it on a single CPU id, or a set of CPU ids. This parameter is only available if the OS provides the pthread_setaffinity_np() function. .. function:: generateDNSCryptProviderKeys(publicKey, privateKey) diff --git a/pdns/dnsdistdist/docs/reference/tuning.rst b/pdns/dnsdistdist/docs/reference/tuning.rst index 5471e4d91..8f6d99233 100644 --- a/pdns/dnsdistdist/docs/reference/tuning.rst 
+++ b/pdns/dnsdistdist/docs/reference/tuning.rst @@ -73,8 +73,18 @@ Tuning related functions :param int num: +.. function:: setUDPMultipleMessagesVectorSize(num) + + .. versionadded:: 1.2.0 + + Set the maximum number of UDP queries messages to accept in a single `recvmmsg()` call. Only available if the underlying OS + support `recvmmsg()` with the `MSG_WAITFORONE` option. Defaults to 1, which means only query at a time is accepted, using + `recvmsg()` instead of `recvmmsg()`. + + :param int num: + .. function:: setUDPTimeout(num) - set the maximum time dnsdist will wait for a response from a backend over UDP, in seconds. Defaults to 2 + Set the maximum time dnsdist will wait for a response from a backend over UDP, in seconds. Defaults to 2 :param int num: