mirror of
https://github.com/pi-hole/dnsmasq.git
synced 2025-12-19 18:28:25 +00:00
Impove cache behaviour for TCP connections.
For ease of implementaion, dnsmasq has always forked a new process to handle each incoming TCP connection. A side-effect of this is that any DNS queries answered from TCP connections are not cached: when TCP connections were rare, this was not a problem. With the coming of DNSSEC, it's now the case that some DNSSEC queries have answers which spill to TCP, and if, for instance, this applies to the keys for the root then those never get cached, and performance is very bad. This fix passes cache entries back from the TCP child process to the main server process, and fixes the problem.
This commit is contained in:
Simon Kelley
@@ -930,6 +930,10 @@ int main (int argc, char **argv)
|
||||
check_servers();
|
||||
|
||||
pid = getpid();
|
||||
|
||||
daemon->pipe_to_parent = -1;
|
||||
for (i = 0; i < MAX_PROCS; i++)
|
||||
daemon->tcp_pipes[i] = -1;
|
||||
|
||||
#ifdef HAVE_INOTIFY
|
||||
/* Using inotify, have to select a resolv file at startup */
|
||||
@@ -1611,7 +1615,7 @@ static int set_dns_listeners(time_t now)
|
||||
we don't need to explicitly arrange to wake up here */
|
||||
if (listener->tcpfd != -1)
|
||||
for (i = 0; i < MAX_PROCS; i++)
|
||||
if (daemon->tcp_pids[i] == 0)
|
||||
if (daemon->tcp_pids[i] == 0 && daemon->tcp_pipes[i] == -1)
|
||||
{
|
||||
poll_listen(listener->tcpfd, POLLIN);
|
||||
break;
|
||||
@@ -1624,6 +1628,13 @@ static int set_dns_listeners(time_t now)
|
||||
|
||||
}
|
||||
|
||||
#ifndef NO_FORK
|
||||
if (!option_bool(OPT_DEBUG))
|
||||
for (i = 0; i < MAX_PROCS; i++)
|
||||
if (daemon->tcp_pipes[i] != -1)
|
||||
poll_listen(daemon->tcp_pipes[i], POLLIN);
|
||||
#endif
|
||||
|
||||
return wait;
|
||||
}
|
||||
|
||||
@@ -1632,7 +1643,10 @@ static void check_dns_listeners(time_t now)
|
||||
struct serverfd *serverfdp;
|
||||
struct listener *listener;
|
||||
int i;
|
||||
|
||||
#ifndef NO_FORK
|
||||
int pipefd[2];
|
||||
#endif
|
||||
|
||||
for (serverfdp = daemon->sfds; serverfdp; serverfdp = serverfdp->next)
|
||||
if (poll_check(serverfdp->fd, POLLIN))
|
||||
reply_query(serverfdp->fd, serverfdp->source_addr.sa.sa_family, now);
|
||||
@@ -1642,7 +1656,26 @@ static void check_dns_listeners(time_t now)
|
||||
if (daemon->randomsocks[i].refcount != 0 &&
|
||||
poll_check(daemon->randomsocks[i].fd, POLLIN))
|
||||
reply_query(daemon->randomsocks[i].fd, daemon->randomsocks[i].family, now);
|
||||
|
||||
|
||||
#ifndef NO_FORK
|
||||
/* Races. The child process can die before we read all of the data from the
|
||||
pipe, or vice versa. Therefore send tcp_pids to zero when we wait() the
|
||||
process, and tcp_pipes to -1 and close the FD when we read the last
|
||||
of the data - indicated by cache_recv_insert returning zero.
|
||||
The order of these events is indeterminate, and both are needed
|
||||
to free the process slot. Once the child process has gone, poll()
|
||||
returns POLLHUP, not POLLIN, so have to check for both here. */
|
||||
if (!option_bool(OPT_DEBUG))
|
||||
for (i = 0; i < MAX_PROCS; i++)
|
||||
if (daemon->tcp_pipes[i] != -1 &&
|
||||
poll_check(daemon->tcp_pipes[i], POLLIN | POLLHUP) &&
|
||||
!cache_recv_insert(now, daemon->tcp_pipes[i]))
|
||||
{
|
||||
close(daemon->tcp_pipes[i]);
|
||||
daemon->tcp_pipes[i] = -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
for (listener = daemon->listeners; listener; listener = listener->next)
|
||||
{
|
||||
if (listener->fd != -1 && poll_check(listener->fd, POLLIN))
|
||||
@@ -1736,15 +1769,20 @@ static void check_dns_listeners(time_t now)
|
||||
while (retry_send(close(confd)));
|
||||
}
|
||||
#ifndef NO_FORK
|
||||
else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0)
|
||||
else if (!option_bool(OPT_DEBUG) && pipe(pipefd) == 0 && (p = fork()) != 0)
|
||||
{
|
||||
if (p != -1)
|
||||
close(pipefd[1]); /* parent needs read pipe end. */
|
||||
if (p == -1)
|
||||
close(pipefd[0]);
|
||||
else
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < MAX_PROCS; i++)
|
||||
if (daemon->tcp_pids[i] == 0)
|
||||
if (daemon->tcp_pids[i] == 0 && daemon->tcp_pipes[i] == -1)
|
||||
{
|
||||
daemon->tcp_pids[i] = p;
|
||||
daemon->tcp_pipes[i] = pipefd[0];
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -1761,7 +1799,7 @@ static void check_dns_listeners(time_t now)
|
||||
int flags;
|
||||
struct in_addr netmask;
|
||||
int auth_dns;
|
||||
|
||||
|
||||
if (iface)
|
||||
{
|
||||
netmask = iface->netmask;
|
||||
@@ -1777,7 +1815,11 @@ static void check_dns_listeners(time_t now)
|
||||
/* Arrange for SIGALRM after CHILD_LIFETIME seconds to
|
||||
terminate the process. */
|
||||
if (!option_bool(OPT_DEBUG))
|
||||
alarm(CHILD_LIFETIME);
|
||||
{
|
||||
alarm(CHILD_LIFETIME);
|
||||
close(pipefd[0]); /* close read end in child. */
|
||||
daemon->pipe_to_parent = pipefd[1];
|
||||
}
|
||||
#endif
|
||||
|
||||
/* start with no upstream connections. */
|
||||
|
||||
Reference in New Issue
Block a user