9.2.1 and allow-v6-synthesis
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Tue May 7 04:08:31 UTC 2002
> > > I've just trying to set up A6 records to see how they work. The
> > > resolver libraries my clients have don't support A6 records, so I
> > > tried turning on "allow-v6-synthesis". When I did this the nameserver
> > > slowed to a crawl (so slow that most queries timed out)!
>
> > Did you start simple or dive in the deep end with
> > complicted A6 chains? An A6 chain can take thousands
> > of queries to resolve.
>
> I'd started with a 4 record A6 chain, with all the A6 records in a
> zone we are a master for. This actually produced a sensible result;
> when I turned on allow-v6-synthesis I could "ssh -6 walton-a6.maths.tcd.ie"
> on a client that only supported AAAA records (though a little
> slowly).
>
> The odd thing was that even lookups which allow-v6-synthesis should
> have had no impact on became very slow ("dig A salmon.maths.tcd.ie"
> timed out most of the time).
Just sounds like the server is under powered / swapping for
the load being put on it.
The code that starts the v6 synthesis process shouldn't put
a load on other queries unless you have a complicated
acl.
if (RECURSIONOK(client) &&
(qtype == dns_rdatatype_aaaa || qtype == dns_rdatatype_ptr) &&
client->message->rdclass == dns_rdataclass_in &&
ns_client_checkacl(client, "v6 synthesis",
client->view->v6synthesisacl,
ISC_FALSE, ISC_LOG_DEBUG(9)) == ISC_R_SUCCESS)
You could try moving the label count test to before the acl check.
i.e.
change
qtype == dns_rdatatype_ptr
to
(qtype == dns_rdatatype_ptr &&
dns_name_countlabels(client->query.qname) == 32 + 3)
in bin/named/query.c.
dns_name_countlabels() is very light weight compared to
ns_client_checkacl(). This would stop all the PTR queries
causing the acl to be processed.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list