From 73d9bf3ad13de7031a71700d00fb4efbab8ca938 Mon Sep 17 00:00:00 2001 From: Otto Moerbeek Date: Mon, 1 Apr 2019 14:27:27 +0200 Subject: [PATCH] Reformulate condition and comment to make it more clear. --- pdns/recursordist/docs/settings.rst | 2 +- pdns/recursordist/test-syncres_cc.cc | 2 +- pdns/syncres.cc | 11 +++++------ 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index ceb92bcf0..10613c0e1 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -432,7 +432,7 @@ Can be set at runtime using ``rec_control set-ecs-minimum-ttl 3600``. - Integer - Default: 0 (disabled) -The minumum TTL for an ECS-specific answer to be inserted into the query cache. This condition applies in conjunction with ``ecs-ipv4-cache-bits`` or ``ecs-ipv6-cache-bits``. +The minimum TTL for an ECS-specific answer to be inserted into the query cache. This condition applies in conjunction with ``ecs-ipv4-cache-bits`` or ``ecs-ipv6-cache-bits``. That is, only if both the limits apply, the record will not be cached. .. _setting-ecs-scope-zero-address: diff --git a/pdns/recursordist/test-syncres_cc.cc b/pdns/recursordist/test-syncres_cc.cc index 52ca667af..4b5e62972 100644 --- a/pdns/recursordist/test-syncres_cc.cc +++ b/pdns/recursordist/test-syncres_cc.cc @@ -2175,7 +2175,7 @@ BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed) { BOOST_CHECK_EQUAL(res, RCode::NoError); BOOST_CHECK_EQUAL(ret.size(), 1); - /* should have been cached because /24 is more specific than /16 but TTL limit is nof efective */ + /* should have been cached because /24 is more specific than /16 but TTL limit is nof effective */ const ComboAddress who("192.0.2.128"); vector cached; BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); diff --git a/pdns/syncres.cc b/pdns/syncres.cc index 3af79100d..1b71d3c19 100644 --- a/pdns/syncres.cc +++ b/pdns/syncres.cc @@ -2421,14 +2421,13 @@ RCode::rcodes_ SyncRes::updateCacheFromRecords(unsigned int depth, LWResult& lwr */ if (i->first.type != QType::NSEC3 && (i->first.type == QType::DS || i->first.type == QType::NS || i->first.type == QType::A || i->first.type == QType::AAAA || isAA || wasForwardRecurse)) { - bool doCache = i->first.place != DNSResourceRecord::ANSWER || !ednsmask; - // if ednsmask is relevant, we do not want to cache if the scope > ecslimit and TTL < limitttl - if (!doCache && ednsmask) { - bool manyMaskBits = (ednsmask->isIpv4() && ednsmask->getBits() > SyncRes::s_ecsipv4cachelimit) || + bool doCache = true; + if (i->first.place == DNSResourceRecord::ANSWER && ednsmask) { + // If ednsmask is relevant, we do not want to cache if the scope prefix length is large and TTL is small + if (SyncRes::s_ecscachelimitttl > 0) { + bool manyMaskBits = (ednsmask->isIpv4() && ednsmask->getBits() > SyncRes::s_ecsipv4cachelimit) || (ednsmask->isIpv6() && ednsmask->getBits() > SyncRes::s_ecsipv6cachelimit); - doCache = true; - if (SyncRes::s_ecscachelimitttl > 0) { if (manyMaskBits) { uint32_t minttl = UINT32_MAX; for (const auto &it : i->second.records) { -- 2.40.0