BIND merge requestshttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests2020-11-13T18:31:43Zhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3936Reduce the default rbt hashtable size to 16 entries (4 bits) (v9.16)2020-11-13T18:31:43ZOndřej SurýReduce the default rbt hashtable size to 16 entries (4 bits) (v9.16)The hash table rework MR (!3865, !3871) increased the default RBT
hashtable size to 16 bits (512KB). This works fine for RTB when used as
a cache, but because there are three separate RBT tables for every zone
loaded (RRs, NSEC, NSEC3) ...The hash table rework MR (!3865, !3871) increased the default RBT
hashtable size to 16 bits (512KB). This works fine for RTB when used as
a cache, but because there are three separate RBT tables for every zone
loaded (RRs, NSEC, NSEC3) the memory usage would skyrocket when BIND 9
is used as authoritative DNS server with many zones.
The default RBT hashtable size before the rework was 64 entries, this
commit reduces it to 16 entries because our educated guess is that most
zones are just couple of entries (SOA, NS, A, AAAA, MX) and the
rehashing small hashtables is actually cheap. The rework we did in the
previous MR tries to avoid growing the hashtables for big-to-huge caches
where the growing the hashtable comes with a price because the whole
cache needs to be locked.
Closes #1775August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3935Reduce the default rbt hashtable size to 16 entries (4 bits)2021-06-14T11:44:55ZOndřej SurýReduce the default rbt hashtable size to 16 entries (4 bits)The hash table rework MR (!3865, !3871) increased the default RBT
hashtable size to 16 bits (512KB). This works fine for RTB when used as
a cache, but because there are three separate RBT tables for every zone
loaded (RRs, NSEC, NSEC3) ...The hash table rework MR (!3865, !3871) increased the default RBT
hashtable size to 16 bits (512KB). This works fine for RTB when used as
a cache, but because there are three separate RBT tables for every zone
loaded (RRs, NSEC, NSEC3) the memory usage would skyrocket when BIND 9
is used as authoritative DNS server with many zones.
The default RBT hashtable size before the rework was 64 entries, this
commit reduces it to 16 entries because our educated guess is that most
zones are just couple of entries (SOA, NS, A, AAAA, MX) and the
rehashing small hashtables is actually cheap. The rework we did in the
previous MR tries to avoid growing the hashtables for big-to-huge caches
where the growing the hashtable comes with a price because the whole
cache needs to be locked.
Closes #1775August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3922[v9_16] Remove arm64 jobs from GitLab CI2020-08-05T10:09:31ZMichał Kępień[v9_16] Remove arm64 jobs from GitLab CI(cherry picked from commit 49f245f7c00faf1d85bc4eab81904cf742ad2cc3)(cherry picked from commit 49f245f7c00faf1d85bc4eab81904cf742ad2cc3)August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3921[v9_16] Set "max-cache-size" in the "geoip2" system test2020-08-05T09:43:20ZMichał Kępień[v9_16] Set "max-cache-size" in the "geoip2" system test(cherry picked from commit 4292d5bdfe6a0ff1de64e0aee6cb3975dd7ef085)
Closes #2065(cherry picked from commit 4292d5bdfe6a0ff1de64e0aee6cb3975dd7ef085)
Closes #2065August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3920Remove arm64 jobs from GitLab CI2020-08-05T10:07:24ZMichał KępieńRemove arm64 jobs from GitLab CIThe only arm64 runner we have at our disposal is suffering from
intermittent connectivity issues which make it unusable for extended
periods of time. Remove arm64 jobs from GitLab CI until we manage to
set up an arm64 runner with more r...The only arm64 runner we have at our disposal is suffering from
intermittent connectivity issues which make it unusable for extended
periods of time. Remove arm64 jobs from GitLab CI until we manage to
set up an arm64 runner with more reliable connectivity.August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3919Set "max-cache-size" in the "geoip2" system test2021-06-14T11:44:55ZMichał KępieńSet "max-cache-size" in the "geoip2" system testThe named configuration files used in the "geoip2" system test cause a
rather large number of views (6-8) to be set up in each tested named
instance. Each view has its own cache.
Commit e24bc324b455d9cad7b51acd3d5c7b4e40c66187 caused t...The named configuration files used in the "geoip2" system test cause a
rather large number of views (6-8) to be set up in each tested named
instance. Each view has its own cache.
Commit e24bc324b455d9cad7b51acd3d5c7b4e40c66187 caused the RBT hash
table to be pre-allocated to a size derived from "max-cache-size", so
that it never needs to be rehashed. The size of that hash table is not
expected to be significant enough to cause memory use issues in typical
conditions even for large "max-cache-size" settings.
However, these two factors combined can cause memory exhaustion issues
in GitLab CI, where we run multiple "instances" of the test suite in
parallel on the same runner, each test suite executes multiple system
tests concurrently, and each system test may potentially start multiple
named instances at the same time. In practice, this problem currently
only seems to be affecting the "geoip2" system test, which is failing
intermittently due to named instances used by that test getting killed
by oom-killer.
Prevent the "geoip2" system test from failing intermittently by setting
"max-cache-size" in named configuration files used in that test to a low
value in order to keep memory usage at bay even with a large number of
views configured.
Closes #2065August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3917[v9_16] Update description of forwarding behavior in ARM2020-08-04T19:50:59ZMichał Kępień[v9_16] Update description of forwarding behavior in ARM(cherry picked from commit 30e126ad02c703e51e6df58ec1e84bdb72884426)
Closes #2030(cherry picked from commit 30e126ad02c703e51e6df58ec1e84bdb72884426)
Closes #2030August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3914Marka dns r badtsig map to formerr v9 162020-08-05T10:25:43ZMark AndrewsMarka dns r badtsig map to formerr v9 16August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Mark AndrewsMark Andrewshttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3913Serve stale improvements (9.16)2020-08-05T10:24:14ZMatthijs Mekkingmatthijs@isc.orgServe stale improvements (9.16)August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Matthijs Mekkingmatthijs@isc.orgMatthijs Mekkingmatthijs@isc.orghttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3911[v9_16] Restore placeholder entry at sequence number 54812020-08-03T20:15:22ZMichał Kępień[v9_16] Restore placeholder entry at sequence number 5481(cherry picked from commit 029e32c01af7fd1260c33ee48094be633aac3511)(cherry picked from commit 029e32c01af7fd1260c33ee48094be633aac3511)August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3910Restore placeholder entry at sequence number 54812020-08-03T20:51:30ZMichał KępieńRestore placeholder entry at sequence number 5481The last `[placeholder]` entry in `CHANGES` added by !3903 was
inadvertently overridden by !3873. Restore the original placeholder at
sequence number 5481.The last `[placeholder]` entry in `CHANGES` added by !3903 was
inadvertently overridden by !3873. Restore the original placeholder at
sequence number 5481.August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3907Resolve "Bind not handling interfaces changes correctly when listen-on-v6 an...2020-08-04T09:46:44ZOndřej SurýResolve "Bind not handling interfaces changes correctly when listen-on-v6 any specified"Closes #2038Closes #2038August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3901Always check the return from isc_refcount_decrement.2020-08-04T09:45:13ZMark AndrewsAlways check the return from isc_refcount_decrement.Created isc_refcount_decrement_expect macro to test conditionally
the return value to ensure it is in expected range. Converted
unchecked isc_refcount_decrement to use isc_refcount_decrement_expect.
Converted INSIST(isc_refcount_decreme...Created isc_refcount_decrement_expect macro to test conditionally
the return value to ensure it is in expected range. Converted
unchecked isc_refcount_decrement to use isc_refcount_decrement_expect.
Converted INSIST(isc_refcount_decrement()...) to isc_refcount_decrement_expect.
(cherry picked from commit bde5c7632ad62f5a9e7d2165695e6db2fc654e46)
Closes #1456August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Mark AndrewsMark Andrewshttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3900Refactor the code that counts the last log version to keep2020-07-31T00:26:00ZMark AndrewsRefactor the code that counts the last log version to keepWhen silencing the Coverity warning in remove_old_tsversions(), the code
was refactored to reduce the indentation levels and break down the long
code into individual functions. This improve fix for [GL #1989].
(cherry picked from commi...When silencing the Coverity warning in remove_old_tsversions(), the code
was refactored to reduce the indentation levels and break down the long
code into individual functions. This improve fix for [GL #1989].
(cherry picked from commit aca18b8b5ba5133c087fc9cbfc3901b6351bfaaf)
Closes #2033August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Mark AndrewsMark Andrewshttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3898[v9_16] Various system test fixes2020-07-30T14:57:49ZMichal Nowak[v9_16] Various system test fixesBackport of various system test fixes from https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3623#note_150463.Backport of various system test fixes from https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3623#note_150463.August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michal NowakMichal Nowakhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3897[v9_16] Only run system tests as root in developer mode2020-07-31T05:47:21ZMichał Kępień[v9_16] Only run system tests as root in developer modeRunning system tests with root privileges is potentially dangerous.
Only allow it when explicitly requested (by building with
--enable-developer).
(cherry picked from commit 3ef106f69df076340914257df4bdd1a1c22a9440)Running system tests with root privileges is potentially dangerous.
Only allow it when explicitly requested (by building with
--enable-developer).
(cherry picked from commit 3ef106f69df076340914257df4bdd1a1c22a9440)August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3896[v9_16] Fix idle timeout for connected TCP sockets2020-07-30T09:49:52ZMichał Kępień[v9_16] Fix idle timeout for connected TCP socketsCloses #2024Closes #2024August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3894Only run system tests as root in developer mode2020-07-30T13:50:38ZMichał KępieńOnly run system tests as root in developer modeRunning system tests with root privileges is potentially dangerous.
Only allow it when explicitly requested by building with
`--enable-developer`.
Background:
- https://support.isc.org/Ticket/Display.html?id=16783
- https://matterm...Running system tests with root privileges is potentially dangerous.
Only allow it when explicitly requested by building with
`--enable-developer`.
Background:
- https://support.isc.org/Ticket/Display.html?id=16783
- https://mattermost.isc.org/isc/pl/yy7auk73rifm3x4pgee58sgccy
Instead of further tweaking the UID switching test (which is tedious to
get right because of all the "host scenarios" we need to account for),
prevent it from being run altogether unless `--enable-developer` is
used.August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)Michał KępieńMichał Kępieńhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3890report libuv version string in `named -V`2020-07-30T12:47:04ZEvan Huntreport libuv version string in `named -V`August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/3889Resolve "RPZ wildcard passthru ignored"2020-07-30T13:42:16ZDiego dos Santos FronzaResolve "RPZ wildcard passthru ignored"Closes #1619Closes #1619August 2020 (9.11.22, 9.11.22-S1, 9.16.6, 9.17.4)