[master] glue-cache option

4664. [func] Add a "glue-cache" option to enable or disable the glue cache. The default is "no" to reduce memory usage, but enabling this option will improve performance in delegation-heavy zones. [RT #45125]

[master] glue-cache option
4664. [func] Add a "glue-cache" option to enable or disable the glue cache. The default is "no" to reduce memory usage, but enabling this option will improve performance in delegation-heavy zones. [RT #45125]
268cea9c · Evan Hunt · cee0d603 · 268cea9c · 268cea9c · 268cea9c
Commit 268cea9c authored Jul 28, 2017 by Evan Hunt
12 changed files
--- a/CHANGES
+++ b/CHANGES
+4664.	[func]		Add a "glue-cache" option to enable or disable the
+			glue cache. The default is "no" to reduce memory
+			usage, but enabling this option will improve
+			performance in delegation-heavy zones. [RT #45125]
+
 4663.	[cleanup]	Clarify error message printed by dnssec-dsfromkey.
 			[RT #21731]


--- a/bin/named/config.c
+++ b/bin/named/config.c
@@ -138,6 +138,7 @@ options {\n\
 #	sortlist <none>\n\
 #	topology <none>\n\
 	auth-nxdomain false;\n\
+	glue-cache no;\n\
 	minimal-any false;\n\
 	minimal-responses true;\n\
 	recursion true;\n\

--- a/bin/named/query.c
+++ b/bin/named/query.c
@@ -2066,7 +2066,8 @@ query_addrdataset(ns_client_t *client, dns_name_t *fname,
 	/*
 	 * Try to process glue directly.
 	 */
-	if ((client->view->minimalresponses == dns_minimal_yes) &&
+	if (client->view->use_glue_cache &&
+	    (client->view->minimalresponses == dns_minimal_yes) &&
 	    (rdataset->type == dns_rdatatype_ns) &&
 	    (client->query.gluedb != NULL) &&
 	    dns_db_iszone(client->query.gluedb))

--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -4237,6 +4237,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist,
 	INSIST(result == ISC_R_SUCCESS);
 	view->auth_nxdomain = cfg_obj_asboolean(obj);

+	obj = NULL;
+	result = ns_config_get(maps, "glue-cache", &obj);
+	INSIST(result == ISC_R_SUCCESS);
+	view->use_glue_cache = cfg_obj_asboolean(obj);
+
 	obj = NULL;
 	result = ns_config_get(maps, "minimal-any", &obj);
 	INSIST(result == ISC_R_SUCCESS);

--- a/bin/tests/system/checkconf/bad-glue-cache-bogus.conf
+++ b/bin/tests/system/checkconf/bad-glue-cache-bogus.conf
+/*
+ * Copyright (C) 2017  Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+options {
+	glue-cache bogusvalue;
+};
--- a/bin/tests/system/checkconf/good-glue-cache.conf
+++ b/bin/tests/system/checkconf/good-glue-cache.conf
+/*
+ * Copyright (C) 2017  Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+options {
+	glue-cache yes;
+};
--- a/doc/arm/Bv9ARM-book.xml
+++ b/doc/arm/Bv9ARM-book.xml
@@ -4459,6 +4459,7 @@ badresp:1,adberr:0,findfail:0,valfail:0]
  [ <command>has-old-clients</command> <replaceable>yes_or_no</replaceable> ; ]
  [ <command>host-statistics</command> <replaceable>yes_or_no</replaceable> ; ]
  [ <command>host-statistics-max</command> <replaceable>number</replaceable> ; ]
+  [ <command>glue-cache</command> <replaceable>yes_or_no</replaceable> ; ]
  [ <command>minimal-any</command> <replaceable>yes_or_no</replaceable> ; ]
  [ <command>minimal-responses</command> ( <replaceable>yes_or_no</replaceable> | <option>no-auth</option> | <option>no-auth-recursive</option> ) ; ]
  [ <command>multiple-cnames</command> <replaceable>yes_or_no</replaceable> ; ]
@@ -6394,6 +6395,31 @@ options {
 	      </listitem>
 	    </varlistentry>

+	    <varlistentry>
+	      <term><command>glue-cache</command></term>
+	      <listitem>
+		<para>
+		  When set to <userinput>yes</userinput>, a cache is
+		  used to improve query performance when adding
+		  address-type (A and AAAA) glue records to the
+		  additional section of DNS response messages that
+		  delegate to a child zone.
+		</para>
+		<para>
+		  The glue cache uses memory proportional to the
+		  number of delegations in the zone. The default
+		  setting is <userinput>no</userinput>. Setting it to
+		  <userinput>yes</userinput> will improve performance
+		  at the cost of increased memory usage for the zone.
+		</para>
+		<para>
+		  The glue cache is only used when
+		  <userinput>minimal-responses</userinput> is also set
+		  to <userinput>yes</userinput>.
+		</para>
+	      </listitem>
+	    </varlistentry>
+
 	    <varlistentry>
 	      <term><command>minimal-any</command></term>
 	      <listitem>
@@ -6415,8 +6441,8 @@ options {
 		  will be added to the authority or additional sections.
 		  The default is <userinput>no</userinput>.
 		</para>
-	    </listitem>
-	  </varlistentry>
+	      </listitem>
+	    </varlistentry>

 	    <varlistentry>
 	      <term><command>multiple-cnames</command></term>

--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -201,7 +201,7 @@
 	</para>
      </listitem>
      <listitem>
-        <para>
+	<para>
 	  The <command>new-zones-directory</command> option allows
 	  <command>named</command> to store configuration parameters
 	  for zones added via <command>rndc addzone</command> in a
@@ -211,7 +211,7 @@
 	</para>
      </listitem>
      <listitem>
-        <para>
+	<para>
 	  Many aspects of <command>named</command> have been modified
 	  to improve query performance, and in particular, performance
 	  for delegation-heavy zones:
@@ -228,9 +228,12 @@
 	  </listitem>
 	  <listitem>
 	    <para>
-	      In place of the acache, <command>named</command> now uses
+	      In place of the acache, <command>named</command> can now use
 	      a glue cache to speed up retrieval of glue records when sending
-	      delegation responses.
+	      delegation responses. Use <command>glue-cache yes;</command>
+	      to enable this feature. Because it increases memory usage,
+	      the glue cache is disabled by default, but it can signifiantly
+	      increase performance when serving delegation-heavy zones.
 	    </para>
 	  </listitem>
 	  <listitem>
@@ -256,20 +259,20 @@
 	</itemizedlist>
      </listitem>
      <listitem>
-        <para>
+	<para>
 	  The <command>dnstap-read -x</command> option prints a hex
 	  dump of the wire format DNS message encapsulated in each
 	  <command>dnstap</command> log entry. [RT #44816]
 	</para>
      </listitem>
      <listitem>
-        <para>
+	<para>
 	  The <command>host -A</command> option returns most
 	  records for a name, but omits types RRSIG, NSEC and NSEC3.
 	</para>
      </listitem>
      <listitem>
-        <para>
+	<para>
 	  Query logic has been substantially refactored (e.g. query_find
 	  function has been split into smaller functions) for improved
 	  readability, maintainability and testability. [RT #43929]
@@ -396,7 +399,7 @@
 	</para>
      </listitem>
      <listitem>
-        <para>
+	<para>
 	  <command>dnstap</command> now stores both the local and remote
 	  addresses for all messages, instead of only the remote address.
 	  The default output format for <command>dnstap-read</command> has

--- a/doc/misc/options
+++ b/doc/misc/options
@@ -190,6 +190,7 @@ options {
        fstrm-set-reopen-interval <integer>; // not configured
        geoip-directory ( <quoted_string> | none ); // not configured
        geoip-use-ecs ( <quoted_string> | none ); // not configured
+        glue-cache <boolean>;
        has-old-clients <boolean>; // obsolete
        heartbeat-interval <integer>;
        host-statistics <boolean>; // not implemented
@@ -207,7 +208,7 @@ options {
        listen-on-v6 [ port <integer> ] [ dscp
            <integer> ] {
            <address_match_element>; ... }; // may occur multiple times
-        lmdb-mapsize <sizeval>; // non-operational
+        lmdb-mapsize <sizeval>;
        lock-file ( <quoted_string> | none );
        maintain-ixfr-base <boolean>; // obsolete
        managed-keys-directory <quoted_string>;
@@ -520,6 +521,7 @@ view <string> [ <class> ] {
        forward ( first | only );
        forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address>
            | <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
+        glue-cache <boolean>;
        inline-signing <boolean>;
        ixfr-from-differences ( master | slave | <boolean> );
        key <string> {
@@ -528,7 +530,7 @@ view <string> [ <class> ] {
        }; // may occur multiple times
        key-directory <quoted_string>;
        lame-ttl <ttlval>;
-        lmdb-mapsize <sizeval>; // non-operational
+        lmdb-mapsize <sizeval>;
        maintain-ixfr-base <boolean>; // obsolete
        managed-keys { <string> <string>
            <integer> <integer> <integer>

--- a/lib/dns/include/dns/view.h
+++ b/lib/dns/include/dns/view.h
@@ -113,6 +113,7 @@ struct dns_view {
 	dns_fwdtable_t *		fwdtable;
 	isc_boolean_t			recursion;
 	isc_boolean_t			auth_nxdomain;
+	isc_boolean_t			use_glue_cache;
 	isc_boolean_t			minimal_any;
 	dns_minimaltype_t		minimalresponses;
 	isc_boolean_t			enablednssec;

--- a/lib/dns/view.c
+++ b/lib/dns/view.c
@@ -181,6 +181,7 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass,
 	view->enablednssec = ISC_TRUE;
 	view->enablevalidation = ISC_TRUE;
 	view->acceptexpired = ISC_FALSE;
+	view->use_glue_cache = ISC_FALSE;
 	view->minimal_any = ISC_FALSE;
 	view->minimalresponses = dns_minimal_no;
 	view->transfer_format = dns_one_answer;

--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@@ -1881,6 +1881,7 @@ view_clauses[] = {
 	{ "filter-aaaa-on-v6", &cfg_type_filter_aaaa,
 	   CFG_CLAUSEFLAG_NOTCONFIGURED },
 #endif
+	{ "glue-cache", &cfg_type_boolean, 0 },
 	{ "ixfr-from-differences", &cfg_type_ixfrdifftype, 0 },
 	{ "lame-ttl", &cfg_type_ttlval, 0 },
 #ifdef HAVE_LMDB