author: Dag-Erling Smørgrav <des@FreeBSD.org> 2015-01-02 17:31:36 +0000
committer: Dag-Erling Smørgrav <des@FreeBSD.org> 2015-01-02 17:31:36 +0000
commit: d433784affd32a879670e66bcf330b2561342f3c (patch)
tree: 7e110cb938b4f1a0c7a7f5bbbfc0a682ab32c4b6 /iterator
parent: c40c0dcc50043c1f440bca54c9d731eeec13678a (diff)
5 files changed, 44 insertions, 13 deletions
diff --git a/iterator/iter_delegpt.c b/iterator/iter_delegpt.c
index 1d84280d2eac..b212ec0775fd 100644
--- a/iterator/iter_delegpt.c
+++ b/iterator/iter_delegpt.c
@@ -147,7 +147,9 @@ delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr,
 {
 	struct delegpt_addr* p = dp->target_list;
 	while(p) {
-		if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0) {
+		if(sockaddr_cmp_addr(addr, addrlen, &p->addr, p->addrlen)==0
+			&& ((struct sockaddr_in*)addr)->sin_port ==
+			   ((struct sockaddr_in*)&p->addr)->sin_port) {
 			return p;
 		}
 		p = p->next_target;
diff --git a/iterator/iter_hints.c b/iterator/iter_hints.c
index 7fa07a72969c..57b57c2e034d 100644
--- a/iterator/iter_hints.c
+++ b/iterator/iter_hints.c
@@ -144,6 +144,8 @@ compile_time_root_prime(int do_ip4, int do_ip6)
       }
       if(do_ip6) {
 	if(!ah(dp, "A.ROOT-SERVERS.NET.", "2001:503:ba3e::2:30")) goto failed;
+	if(!ah(dp, "B.ROOT-SERVERS.NET.", "2001:500:84::b")) goto failed;
+	if(!ah(dp, "C.ROOT-SERVERS.NET.", "2001:500:2::c")) goto failed;
 	if(!ah(dp, "D.ROOT-SERVERS.NET.", "2001:500:2d::d")) goto failed;
 	if(!ah(dp, "F.ROOT-SERVERS.NET.", "2001:500:2f::f")) goto failed;
 	if(!ah(dp, "H.ROOT-SERVERS.NET.", "2001:500:1::803f:235")) goto failed;
diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c
index 5d55b623ea69..4148c1268f78 100644
--- a/iterator/iter_utils.c
+++ b/iterator/iter_utils.c
@@ -666,7 +666,7 @@ rrset_equal(struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2)
 		k1->rk.rrset_class != k2->rk.rrset_class ||
 		query_dname_compare(k1->rk.dname, k2->rk.dname) != 0)
 		return 0;
-	if(d1->ttl != d2->ttl ||
+	if(	/* do not check ttl: d1->ttl != d2->ttl || */
 		d1->count != d2->count ||
 		d1->rrsig_count != d2->rrsig_count ||
 		d1->trust != d2->trust ||
@@ -675,7 +675,7 @@ rrset_equal(struct ub_packed_rrset_key* k1, struct ub_packed_rrset_key* k2)
 	t = d1->count + d1->rrsig_count;
 	for(i=0; i<t; i++) {
 		if(d1->rr_len[i] != d2->rr_len[i] ||
-			d1->rr_ttl[i] != d2->rr_ttl[i] ||
+			/* no ttl check: d1->rr_ttl[i] != d2->rr_ttl[i] ||*/
 			memcmp(d1->rr_data[i], d2->rr_data[i], 
 				d1->rr_len[i]) != 0)
 			return 0;
@@ -689,8 +689,11 @@ reply_equal(struct reply_info* p, struct reply_info* q, struct regional* region)
 	size_t i;
 	if(p->flags != q->flags ||
 		p->qdcount != q->qdcount ||
+		/* do not check TTL, this may differ */
+		/*
 		p->ttl != q->ttl ||
 		p->prefetch_ttl != q->prefetch_ttl ||
+		*/
 		p->security != q->security ||
 		p->an_numrrsets != q->an_numrrsets ||
 		p->ns_numrrsets != q->ns_numrrsets ||
diff --git a/iterator/iterator.c b/iterator/iterator.c
index dc93443e88f2..06653442fae0 100644
--- a/iterator/iterator.c
+++ b/iterator/iterator.c
@@ -254,6 +254,14 @@ error_response_cache(struct module_qstate* qstate, int id, int rcode)
 {
 	/* store in cache */
 	struct reply_info err;
+	if(qstate->prefetch_leeway > NORR_TTL) {
+		verbose(VERB_ALGO, "error response for prefetch in cache");
+		/* attempt to adjust the cache entry prefetch */
+		if(dns_cache_prefetch_adjust(qstate->env, &qstate->qinfo,
+			NORR_TTL))
+			return error_response(qstate, id, rcode);
+		/* if that fails (not in cache), fall through to store err */
+	}
 	memset(&err, 0, sizeof(err));
 	err.flags = (uint16_t)(BIT_QR | BIT_RA);
 	FLAGS_SET_RCODE(err.flags, rcode);
@@ -1888,8 +1896,8 @@ processQueryTargets(struct module_qstate* qstate, struct iter_qstate* iq,
 		iq->qchase.qname, iq->qchase.qname_len, 
 		iq->qchase.qtype, iq->qchase.qclass, 
 		iq->chase_flags | (iq->chase_to_rd?BIT_RD:0), EDNS_DO|BIT_CD, 
-		iq->dnssec_expected, &target->addr, target->addrlen,
-		iq->dp->name, iq->dp->namelen, qstate);
+		iq->dnssec_expected, iq->caps_fallback, &target->addr,
+		target->addrlen, iq->dp->name, iq->dp->namelen, qstate);
 	if(!outq) {
 		log_addr(VERB_DETAIL, "error sending query to auth server", 
 			&target->addr, target->addrlen);
@@ -2799,6 +2807,21 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq,
 	iq->response = NULL;
 	iq->state = QUERY_RESP_STATE;
 	if(event == module_event_noreply || event == module_event_error) {
+		if(event == module_event_noreply && iq->sent_count >= 3 &&
+			qstate->env->cfg->use_caps_bits_for_id &&
+			!iq->caps_fallback) {
+			/* start fallback */
+			iq->caps_fallback = 1;
+			iq->caps_server = 0;
+			iq->caps_reply = NULL;
+			iq->state = QUERYTARGETS_STATE;
+			iq->num_current_queries--;
+			/* need fresh attempts for the 0x20 fallback, if
+			 * that was the cause for the failure */
+			iter_dec_attempts(iq->dp, 3);
+			verbose(VERB_DETAIL, "Capsforid: timeouts, starting fallback");
+			goto handle_it;
+		}
 		goto handle_it;
 	}
 	if( (event != module_event_reply && event != module_event_capsfail)
@@ -2847,7 +2870,7 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq,
 		log_dns_msg("incoming scrubbed packet:", &iq->response->qinfo, 
 			iq->response->rep);
 	
-	if(event == module_event_capsfail) {
+	if(event == module_event_capsfail || iq->caps_fallback) {
 		if(!iq->caps_fallback) {
 			/* start fallback */
 			iq->caps_fallback = 1;
@@ -2859,7 +2882,11 @@ process_response(struct module_qstate* qstate, struct iter_qstate* iq,
 			goto handle_it;
 		} else {
 			/* check if reply is the same, otherwise, fail */
-			if(!reply_equal(iq->response->rep, iq->caps_reply,
+			if(!iq->caps_reply) {
+				iq->caps_reply = iq->response->rep;
+				iq->caps_server = -1; /*become zero at ++,
+				so that we start the full set of trials */
+			} else if(!reply_equal(iq->response->rep, iq->caps_reply,
 				qstate->env->scratch)) {
 				verbose(VERB_DETAIL, "Capsforid fallback: "
 					"getting different replies, failed");
diff --git a/iterator/iterator.h b/iterator/iterator.h
index f6aee34a65ab..1364b86d722b 100644
--- a/iterator/iterator.h
+++ b/iterator/iterator.h
@@ -59,7 +59,7 @@ struct iter_priv;
 /** max number of referrals. Makes sure resolver does not run away */
 #define MAX_REFERRAL_COUNT	130
 /** max number of queries-sent-out.  Make sure large NS set does not loop */
-#define MAX_SENT_COUNT		16
+#define MAX_SENT_COUNT		32
 /** at what query-sent-count to stop target fetch policy */
 #define TARGET_FETCH_STOP	3
 /** how nice is a server without further information, in msec 
@@ -71,10 +71,6 @@ struct iter_priv;
  * Equals RTT_MAX_TIMEOUT
  */
 #define USEFUL_SERVER_TOP_TIMEOUT	120000
-/** Number of lost messages in a row that get a host blacklisted.
- * With 16, a couple different queries have to time out and no working
- * queries are happening */
-#define USEFUL_SERVER_MAX_LOST	16
 /** number of retries on outgoing queries */
 #define OUTBOUND_MSG_RETRY 5
 /** RTT band, within this amount from the best, servers are chosen randomly.
@@ -236,7 +232,8 @@ struct iter_qstate {
 	int caps_fallback;
 	/** state for capsfail: current server number to try */
 	size_t caps_server;
-	/** state for capsfail: stored query for comparisons */
+	/** state for capsfail: stored query for comparisons. Can be NULL if
+	 * no response had been seen prior to starting the fallback. */
 	struct reply_info* caps_reply;
 
 	/** Current delegation message - returned for non-RD queries */
author	Dag-Erling Smørgrav <des@FreeBSD.org>	2015-01-02 17:31:36 +0000
committer	Dag-Erling Smørgrav <des@FreeBSD.org>	2015-01-02 17:31:36 +0000
commit	d433784affd32a879670e66bcf330b2561342f3c (patch)
tree	7e110cb938b4f1a0c7a7f5bbbfc0a682ab32c4b6 /iterator
parent	c40c0dcc50043c1f440bca54c9d731eeec13678a (diff)