Update embedded dnsmasq to v2.88test3 #1469
Commits on Nov 9, 2022
-
By default, when sending a query via random ports to multiple upstream servers or retrying a query dnsmasq will use a single random port for all the tries/retries. This option allows a larger number of ports to be used, which can increase robustness in certain network configurations. Note that increasing this to more than two or three can have security and resource implications and should only be done with understanding of those. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
This gives dnsmasq the ability to originate retries for upstream DNS queries itself, rather than relying on the downstream client. This is most useful when doing DNSSEC over unreliable upstream network. It comes with some cost in memory usage and network bandwidth. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Remove fast-retry development logging.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Fix namebuff overwrite leading to wrong log after socket bind warning.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Second try at port-limit option.
1) It's expected to fail to bind a new source port when they are scarce, suppress warning in log in this case. 2) Optimse bind_local when max_port - min_port is small. There's no randomness in this case, so we try all possible source ports rather than poking at random ones for an arbitrary number of tries. 3) In allocate_rfd() handle the case that all available source ports are already open. In this case we need to pick an existing socket/port to use, such that it has a different port from any we already hold. This gives the required property that the set of ports utilised by any given query is set by --port-limit and we don't re-use any until we have port-limit different ones. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Further optimisation of --port-limit.
No longer try and fail to open every port when the port range is in complete use; go straight to re-using an existing socket. Die at startup if port range is smaller than --port-limit, since the code behaves badly in this case. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Add GetServerMetrics method to DBus interface.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Add stale cache replies to metrics.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Return EDE_STALE extended error when returning stale data from cache.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Make fast-retry more configurable and do exponential backoff.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Add metric for queries which never see an answer.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Count NXDOMAIN replies from each server.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Combine server stats from all records for the same server in DBUS met…
…hod. The DBUS per-server stats method should combine the stats from different records (for different domains) in the same way at the logging code. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Keep a per-DNS-server moving average of query latency.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Tweak server-selection logic in the fast-retry case.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Split failed queries in retries in stat counting.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Initialise modified-moving-average latency calc better.
Use the first value, rather than initialising at zero, which takes many queries to converge. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Don't exclude stale-cache answers from "local answered" metric.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Optimise cache code when stale caching in use.
Exclude DNSSEC entries from stale caching. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Fix bug in --dynamic-host when interface has /16 IPv4 address.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Update embedded dnsmasq to v2.88test1
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Locally blocked queries are not stale
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Improve logging of DNS record source from --hostsdir files.
Patch author Dominik Derigs <dl6er@dl6er.de> with subsequent bugfixes and tweaks from Simon Kelley. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Enhance --hostdir so that records are automatically removed when re-r…
…eading. Initial patch from Dominik Derigs, re-written by Simon Kelley. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Handle multiple addresses when removing duplicates in host files.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Fix loss of DNS servers on config reload.
A bug, introduced in 2.87, which could result in DNS servers being removed from the configuration when reloading server configuration from DBus, or re-reading /etc/resolv.conf Only servers from the same source should be replaced, but some servers from other sources (ie hard coded or another dynamic source) could mysteriously disappear. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Fix in dhcpv4 rapid-commit code.
1) Cosmetic: don't log the tags twice. 2) Functional. If a host has an old lease for a different address, the rapid-commit will appear to work, but the old lease will not be removed and the new lease will not be recorded, so the client and server will have conflicting state, leading to problems later. Signed-off-by: Dominik Derigs <dl6er@dl6er.de>
-
Do not (try to) re-read deleted files inside a --hostsdir.
Signed-off-by: Dominik Derigs <dl6er@dl6er.de>
-
Inotify: make "flushed" log message more understandable.
Saying we've "flushed x outdated entries" is confusing, since the count is the total number of entries in the modified file, most of which are going to get added straight back when the file is re-read. The log now looks like dnsmasq: inotify: /tmp/dir/1 (new or modified) dnsmasq: inotify: flushed 1 addresses read from /tmp/dir/1 dnsmasq: read /tmp/dir/1 - 2 addresses which hopefully make it more obvious that /tmp/dir/1 contained one address before, and now contains two. Signed-off-by: Dominik Derigs <dl6er@dl6er.de>
-
Reconcile "names" and "address" counts when reading hostfiles.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Allow domain names as well is IP addresses in --server options.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Fix breakage of --local=/domain.name/1.2.3.4 in immediately previous …
…commit. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Extend specifying DNS servers by domain-name to --rev-server
Also Dbus SetDomainServers method. Revert getaddrinfo hints.ai_socktype to SOCK_DGRAM to eliminate duplicating every address three times for DGRAM, STREAM and RAW in the results. Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Add support for dnsmasq flags F_SRV and F_STALE
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Allow FTL to analyze stale cache replies. They are assigned to a new …
…query type (17) Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Call freeaddrinfo() in domain_rev[46]()
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Make specifying nameservers by name work for DBus API.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Fix --server with multiple domains.
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Signed-off-by: DL6ER <dl6er@dl6er.de>
-
Fix incorrect three-way merge happened when importing the stale-cache…
… patch Signed-off-by: DL6ER <dl6er@dl6er.de>
