change response cache ttl (--enable-cache-ttl)

SUKMOON LEE smlee at sk.com
Thu Aug 4 11:25:28 UTC 2016


Hello Sirs,

I am Sukmoon Lee, a software developer and network engineer in South Korea.

Recently, most clients(smart phone) have a local DNS cache.
The Cache DNS TTL  affects the client cache expiration time domain. So many clients have caused a burst DNS traffic.
In order to solve this issue made the following patches for 9.9.9-P2 ISC BIND.

It was modified so as to affect the original code as little as possible.
This feature is enabled with the '--enable-cache-ttl' configure option.
With it, the caching DNS server answers with the TTL that was stored when the record was cached.

My question is wondering whether to require this function.
So, please check code that there are no problems.

Thank you.

Sukmoon Lee






diff -Nur bind-9.9.9-P2/bin/named/query.c bind-9.9.9-P2-ttl/bin/named/query.c
--- bind-9.9.9-P2/bin/named/query.c	2016-07-14 08:54:33.000000000 +0900
+++ bind-9.9.9-P2-ttl/bin/named/query.c	2016-07-27 11:05:46.414020726 +0900
@@ -2302,11 +2302,15 @@
 	dns_rdatalist_init(dns64_rdatalist);
 	dns64_rdatalist->rdclass = dns_rdataclass_in;
 	dns64_rdatalist->type = dns_rdatatype_aaaa;
+#ifdef USE_CACHE_STORED_TTL
+	dns64_rdatalist->ttl = rdataset->base_ttl;
+#else
 	if (client->query.dns64_ttl != ISC_UINT32_MAX)
 		dns64_rdatalist->ttl = ISC_MIN(rdataset->ttl,
 					       client->query.dns64_ttl);
 	else
 		dns64_rdatalist->ttl = ISC_MIN(rdataset->ttl, 600);
+#endif
 
 	if (RECURSIONOK(client))
 		flags |= DNS_DNS64_RECURSIVE;
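Review bot: With `USE_CACHE_STORED_TTL` defined, the synthesized AAAA takes `rdataset->base_ttl` with no upper bound, so both the cap by `client->query.dns64_ttl` and the 600-second default in the `#else` branch are lost. The hunks at @@ -6984 and @@ -7510 still assign `client->query.dns64_ttl`, but nothing visible reads it in this build. The synthesized record can then go out with a longer TTL than the negative AAAA answer it presumably depends on. Keep the bound: `dns64_rdatalist->ttl = ISC_MIN(rdataset->base_ttl, client->query.dns64_ttl != ISC_UINT32_MAX ? client->query.dns64_ttl : 600);`. The enclosing function starts and ends outside the hunk.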
@@ -2360,6 +2364,9 @@
 	result = dns_rdatalist_tordataset(dns64_rdatalist, dns64_rdataset);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup;
+#ifdef USE_CACHE_STORED_TTL
+	dns64_rdataset->base_ttl = rdataset->base_ttl;
+#endif
 	client->query.attributes |= NS_QUERYATTR_NOADDITIONAL;
 	dns64_rdataset->trust = rdataset->trust;
 	query_addrdataset(client, mname, dns64_rdataset);
@@ -5456,7 +5463,11 @@
 	dns_rdataset_current(&rdataset, &rdata);
 	result = dns_rdata_tostruct(&rdata, &soa, NULL);
 	RUNTIME_CHECK(result == ISC_R_SUCCESS);
+#ifdef USE_CACHE_STORED_TTL
+	ttl = ISC_MIN(rdataset.base_ttl, soa.minimum);
+#else
 	ttl = ISC_MIN(rdataset.ttl, soa.minimum);
+#endif
 
 cleanup:
 	if (dns_rdataset_isassociated(&rdataset))
@@ -6984,10 +6995,14 @@
 			 * decremented to zero or if there was no negative cache
 			 * ttl in the answer.
 			 */
+#ifdef USE_CACHE_STORED_TTL
+			client->query.dns64_ttl = rdataset->base_ttl;
+#else
 			if (rdataset->ttl != 0)
 				client->query.dns64_ttl = rdataset->ttl;
 			else if (dns_rdataset_first(rdataset) == ISC_R_SUCCESS)
 				client->query.dns64_ttl = 0;
+#endif
 			query_releasename(client, &fname);
 			dns_db_detachnode(db, &node);
 			rdataset = NULL;
@@ -7510,7 +7525,11 @@
 			 */
 			client->query.dns64_aaaa = rdataset;
 			client->query.dns64_sigaaaa = sigrdataset;
+#ifdef USE_CACHE_STORED_TTL
+			client->query.dns64_ttl = rdataset->base_ttl;
+#else
 			client->query.dns64_ttl = rdataset->ttl;
+#endif
 			query_releasename(client, &fname);
 			dns_db_detachnode(db, &node);
 			rdataset = NULL;
diff -Nur bind-9.9.9-P2/config.h.in bind-9.9.9-P2-ttl/config.h.in
--- bind-9.9.9-P2/config.h.in	2016-07-14 08:54:33.000000000 +0900
+++ bind-9.9.9-P2-ttl/config.h.in	2016-07-27 08:35:55.669404673 +0900
@@ -159,6 +159,9 @@
 /* Define to enable the "filter-aaaa-on-v4" option. */
 #undef ALLOW_FILTER_AAAA_ON_V4
 
+/* Define to enable the "cache-ttl" option. */
+#undef USE_CACHE_STORED_TTL
+
 /* define if ATF unit tests are to be built. */
 #undef ATF_TEST
 
diff -Nur bind-9.9.9-P2/configure bind-9.9.9-P2-ttl/configure
--- bind-9.9.9-P2/configure	2016-07-14 08:54:33.000000000 +0900
+++ bind-9.9.9-P2-ttl/configure	2016-07-27 08:33:08.743618406 +0900
@@ -1024,6 +1024,7 @@
 with_dlz_stub
 with_make_clean
 enable_full_report
+enable_cache_ttl
 '
       ac_precious_vars='build_alias
 host_alias
@@ -1690,6 +1691,7 @@
 			  [default=no]
   --enable-querytrace     enable very verbose query trace logging [default=no]
   --enable-full-report	  report values of all configure options
+  --enable-cache-ttl	  use response a stored cache ttl [default=no]
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -11442,6 +11444,7 @@
 	test "${enable_fetchlimit+set}" = set || enable_fetchlimit=yes
 	test "${enable_warn_error+set}" = set || enable_warn_error=yes
 	test "${enable_warn_shadow+set}" = set || enable_warn_shadow=yes
+	test "${enable_cache_ttl+set}" = set || enable_cache_ttl=yes
 	;;
 esac
 #
@@ -13211,6 +13214,26 @@
 
 
 #
+# check if we want Stored Cache TTL
+#
+# Check whether --enable-cache-ttl was given.
+if test "${enable_cache_ttl+set}" = set; then :
+  enableval=$enable_cache_ttl;
+fi
+
+case "$enable_cache_ttl" in
+yes)
+
+$as_echo "#define USE_CACHE_STORED_TTL 1" >>confdefs.h
+
+	;;
+*)
+	;;
+esac
+
+
+
+#
 # check if we have kqueue
 #
 # Check whether --enable-kqueue was given.
@@ -23531,6 +23554,8 @@
 test "$want_querytrace" = "yes" && \
     echo "    Very verbose query trace logging (--enable-querytrace)"
 test "$atf" = "no" || echo "    Automated Testing Framework (--with-atf)"
+test "$enable_cache_ttl" = "yes" && \
+    echo "    Stored cache TTL (--enable-cacht-ttl)"
 
 # these lines are only printed if run with --enable-full-report
 if test "$enable_full_report" = "yes"; then
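Review bot: The option name is misspelled as `cacht` in both summary hunks, and in the second one (@@ -23590) the misspelling is in the variable name. There, `test "$enable_cacht_ttl" = "yes" ||` tests a variable that nothing visible sets, so the feature would always be listed as disabled even when it is compiled in. Use `test "$enable_cache_ttl" = "yes" ||` there and `(--enable-cache-ttl)` in the echo of this hunk. Since configure is generated and no configure.in change is visible in this patch, the edit would presumably be lost on the next autoconf run.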
@@ -23590,6 +23615,8 @@
     echo "    ECDSA algorithm support (--with-ecdsa)"
 test "X$PYTHON" = "X" && echo "    Python tools (--with-python)"
 test "X$libxml2_libs" = "X" && echo "    XML statistics (--with-libxml2)"
+test "$enable_cacht_ttl" = "yes" || \
+    echo "    Stored cache TTL (--enable-cache-ttl)"
 
 if test "X$ac_unrecognized_opts" != "X"; then
     echo
diff -Nur bind-9.9.9-P2/lib/dns/include/dns/rdataset.h bind-9.9.9-P2-ttl/lib/dns/include/dns/rdataset.h
--- bind-9.9.9-P2/lib/dns/include/dns/rdataset.h	2016-07-14 08:54:33.000000000 +0900
+++ bind-9.9.9-P2-ttl/lib/dns/include/dns/rdataset.h	2016-07-27 08:33:28.849073731 +0900
@@ -137,6 +137,9 @@
 	dns_rdataclass_t		rdclass;
 	dns_rdatatype_t			type;
 	dns_ttl_t			ttl;
+#ifdef USE_CACHE_STORED_TTL
+	dns_ttl_t			base_ttl;
+#endif
 	dns_trust_t			trust;
 	dns_rdatatype_t			covers;
 	/*
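Review bot: `base_ttl` makes the layout of the public rdataset struct depend on `USE_CACHE_STORED_TTL`, which this patch defines through config.h. Code that includes this header without the same definition would compile the struct with different offsets for `trust`, `covers` and every later field, and would then read and write the wrong members of rdatasets it shares with libdns. Declaring the field unconditionally, and keeping only its uses under `#ifdef`, removes that mismatch. The struct begins and ends outside the hunk.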
diff -Nur bind-9.9.9-P2/lib/dns/rbtdb.c bind-9.9.9-P2-ttl/lib/dns/rbtdb.c
--- bind-9.9.9-P2/lib/dns/rbtdb.c	2016-07-14 08:54:33.000000000 +0900
+++ bind-9.9.9-P2-ttl/lib/dns/rbtdb.c	2016-07-27 08:33:49.981554223 +0900
@@ -342,6 +342,9 @@
 	 */
 	rbtdb_serial_t                  serial;
 	dns_ttl_t                       rdh_ttl;
+#ifdef USE_CACHE_STORED_TTL
+	dns_ttl_t                       base_ttl;
+#endif
 	rbtdb_rdatatype_t               type;
 	isc_uint16_t                    attributes;
 	dns_trust_t                     trust;
@@ -2948,6 +2951,9 @@
 	rdataset->type = RBTDB_RDATATYPE_BASE(header->type);
 	rdataset->covers = RBTDB_RDATATYPE_EXT(header->type);
 	rdataset->ttl = header->rdh_ttl - now;
+#ifdef USE_CACHE_STORED_TTL
+	rdataset->base_ttl = header->base_ttl;
+#endif
 	rdataset->trust = header->trust;
 	if (NEGATIVE(header))
 		rdataset->attributes |= DNS_RDATASETATTR_NEGATIVE;
@@ -6676,6 +6682,13 @@
 	newheader = (rdatasetheader_t *)region.base;
 	init_rdataset(rbtdb, newheader);
 	set_ttl(rbtdb, newheader, rdataset->ttl + now);
+#ifdef USE_CACHE_STORED_TTL
+	if (rdataset->type==0) { // ncache for dns64
+		newheader->base_ttl = rdataset->ttl;
+	} else {
+		newheader->base_ttl = rdataset->base_ttl;
+	}
+#endif
 	newheader->type = RBTDB_RDATATYPE_VALUE(rdataset->type,
 						rdataset->covers);
 	newheader->attributes = 0;
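Review bot: The `else` branch `newheader->base_ttl = rdataset->base_ttl;` stores whatever the caller left in `base_ttl`, and the only visible place that sets it from a real TTL is the resolver.c hunk; the init functions in rdataset.c set it to 0. As far as these hunks show, an rdataset reaching this function by any other path is stored with `base_ttl` 0 and later sent with TTL 0 for A/AAAA by the towire change. Fall back to the current TTL, `newheader->base_ttl = (rdataset->type == 0 || rdataset->base_ttl == 0) ? rdataset->ttl : rdataset->base_ttl;`, and do the same in the @@ -6862 hunk. Both functions start and end outside their hunks.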
@@ -6862,6 +6875,13 @@
 	newheader = (rdatasetheader_t *)region.base;
 	init_rdataset(rbtdb, newheader);
 	set_ttl(rbtdb, newheader, rdataset->ttl);
+#ifdef USE_CACHE_STORED_TTL
+	if (rdataset->type==0) { // ncache for dns64
+		newheader->base_ttl = rdataset->ttl;
+	} else {
+		newheader->base_ttl = rdataset->base_ttl;
+	}
+#endif
 	newheader->type = RBTDB_RDATATYPE_VALUE(rdataset->type,
 						rdataset->covers);
 	newheader->attributes = 0;
diff -Nur bind-9.9.9-P2/lib/dns/rdataset.c bind-9.9.9-P2-ttl/lib/dns/rdataset.c
--- bind-9.9.9-P2/lib/dns/rdataset.c	2016-07-14 08:54:33.000000000 +0900
+++ bind-9.9.9-P2-ttl/lib/dns/rdataset.c	2016-07-27 10:49:36.011035374 +0900
@@ -70,6 +70,9 @@
 	rdataset->rdclass = 0;
 	rdataset->type = 0;
 	rdataset->ttl = 0;
+#ifdef USE_CACHE_STORED_TTL
+	rdataset->base_ttl = 0;
+#endif
 	rdataset->trust = 0;
 	rdataset->covers = 0;
 	rdataset->attributes = 0;
@@ -99,6 +102,9 @@
 	rdataset->rdclass = 0;
 	rdataset->type = 0;
 	rdataset->ttl = 0;
+#ifdef USE_CACHE_STORED_TTL
+	rdataset->base_ttl = 0;
+#endif
 	rdataset->trust = 0;
 	rdataset->covers = 0;
 	rdataset->attributes = 0;
@@ -126,6 +132,9 @@
 	rdataset->rdclass = 0;
 	rdataset->type = 0;
 	rdataset->ttl = 0;
+#ifdef USE_CACHE_STORED_TTL
+	rdataset->base_ttl = 0;
+#endif
 	rdataset->trust = 0;
 	rdataset->covers = 0;
 	rdataset->attributes = 0;
@@ -488,7 +497,15 @@
 		isc_buffer_putuint16(target, rdataset->type);
 		isc_buffer_putuint16(target, rdataset->rdclass);
 		if (!question) {
+#ifdef USE_CACHE_STORED_TTL
+			if (rdataset->type==dns_rdatatype_a || rdataset->type==dns_rdatatype_aaaa) {
+				isc_buffer_putuint32(target, rdataset->base_ttl);
+			} else {
+				isc_buffer_putuint32(target, rdataset->ttl);
+			}
+#else
 			isc_buffer_putuint32(target, rdataset->ttl);
+#endif
 
 			/*
 			 * Save space for rdlen.
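Review bot: For A and AAAA this writes `base_ttl` regardless of how long the entry has already been cached, so an entry with one second left is handed out with its full TTL and can stay in client caches for close to twice the TTL the resolver accepted. That delays withdrawal of changed or bad records downstream, and the trade-off should be stated where it is made, e.g. `/* base_ttl is the TTL at insertion, not the remaining lifetime; clients may hold the record past cache expiry */`. Other types, including an RRSIG covering the same A/AAAA RRset, still go out with the decremented `ttl`, so a signed answer would carry different TTLs for the RRset and its signature. The enclosing function starts and ends outside the hunk.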
diff -Nur bind-9.9.9-P2/lib/dns/resolver.c bind-9.9.9-P2-ttl/lib/dns/resolver.c
--- bind-9.9.9-P2/lib/dns/resolver.c	2016-07-14 08:54:33.000000000 +0900
+++ bind-9.9.9-P2-ttl/lib/dns/resolver.c	2016-07-27 10:46:42.692031770 +0900
@@ -5119,6 +5119,13 @@
 		if (rdataset->ttl > res->view->maxcachettl)
 			rdataset->ttl = res->view->maxcachettl;
 
+#ifdef USE_CACHE_STORED_TTL
+		/*
+		 * Save a stored cache TTL.
+		 */
+		rdataset->base_ttl = rdataset->ttl;
+
+#endif
 		/*
 		 * Find the SIG for this rdataset, if we have it.
 		 */

