Skip to content

Problem with stale-answer-enable true and clients-per-query increased

Summary

If stale-answer-enable true; is set and clients-per-query 0; is NOT set, and a large amount of queries per second for the same name are sent, then messages like resolver: notice: clients-per-query increased to 15 are not logged. The clients-per-query are supposed to be increased up to max-clients-per-query. It is currently unknown if this is a logging problem only or if the limit is not actually being incremented.

BIND version used

BIND 9.16.37 (Extended Support Version) <id:2b2afb2>
running on Linux aarch64 5.10.0-21-arm64 #1 SMP Debian 5.10.162-1 (2023-01-21)
built by make with '--enable-dnstap' '--with-libxml2' '--with-json-c' '--with-zlib' '--enable-full-report' '--prefix=/usr/local/BIND/9.16.37'
compiled by GCC 10.2.1 20210110
compiled with OpenSSL version: OpenSSL 1.1.1n  15 Mar 2022
linked to OpenSSL version: OpenSSL 1.1.1n  15 Mar 2022
compiled with libuv version: 1.40.0
linked to libuv version: 1.40.0
compiled with libxml2 version: 2.9.10
linked to libxml2 version: 20910
compiled with json-c version: 0.15
linked to json-c version: 0.15
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
compiled with protobuf-c version: 1.3.3
linked to protobuf-c version: 1.3.3
threads support is enabled
DNSSEC algorithms: RSASHA1 NSEC3RSASHA1 RSASHA256 RSASHA512 ECDSAP256SHA256 ECDSAP384SHA384 ED25519 ED448
DS algorithms: SHA-1 SHA-256 SHA-384
HMAC algorithms: HMAC-MD5 HMAC-SHA1 HMAC-SHA224 HMAC-SHA256 HMAC-SHA384 HMAC-SHA512
TKEY mode 2 support (Diffie-Hellman): yes
TKEY mode 3 support (GSS-API): no

default paths:
  named configuration:  /usr/local/BIND/9.16.37/etc/named.conf
  rndc configuration:   /usr/local/BIND/9.16.37/etc/rndc.conf
  DNSSEC root key:      /usr/local/BIND/9.16.37/etc/bind.keys
  nsupdate session key: /usr/local/BIND/9.16.37/var/run/named/session.key
  named PID file:       /usr/local/BIND/9.16.37/var/run/named/named.pid
  named lock file:      /usr/local/BIND/9.16.37/var/run/named/named.lock

Steps to reproduce

In config file:

  • set stale-answer-enable true;, stale-answer-client-timeout 1800;, stale-answer-ttl 31; and stale-refresh-time 90;
  • Make sure clients-per-query and max-clients-per-query are not present in the config file

Run queryperf with a dataset that contains www.microsoft.com A like so: ./queryperf -d dataset2 -l 300 -T 1000 -u 500 -s 192.168.115.227 -v -c where dataset2 contains: www.microsoft.com A

What is the current bug behavior?

Messages such as resolver: notice: clients-per-query increased to 15 are not logged.

What is the expected correct behavior?

These messages should be logged as clients-per-query is increased toward max-clients-per-query.

Please note that merely changing stale-answer-enable true; to stale-answer-enable false; causes the messages to appear as shown:

17-May-2023 17:48:05.891 clients-per-query increased to 15
17-May-2023 17:48:06.163 clients-per-query increased to 20
17-May-2023 17:48:06.735 clients-per-query increased to 25
17-May-2023 17:48:06.903 clients-per-query increased to 30

Relevant configuration files

options {
	directory "/usr/local/BIND/9.16.37/var/cache/bind";
	pid-file "/usr/local/BIND/9.16.37/var/run/named.pid";
	querylog no;
	recursive-clients 10000;
	serial-query-rate 200;
	tcp-clients 500;
	transfers-per-ns 10;
	version "unknown";
	check-names slave ignore;
	stale-answer-enable true;
	stale-answer-client-timeout 1800;
	stale-answer-ttl 31;
	stale-refresh-time 90;
	allow-transfer {
		"localhost";
	};
	multi-master yes;
	notify no;
};
statistics-channels {
	inet 0.0.0.0 port 8080;
};

RT22057

Edited by Darren Ankney
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information