ncruces / go-dns

net.Resolvers with caching, opportunistic encryption, and DoT/DoH
https://pkg.go.dev/github.com/ncruces/go-dns
MIT License

Support caching success dns response only #10

Closed radaiming closed 1 year ago

radaiming commented 1 year ago

Hi,

Is it possible to support caching only DNS responses with a NoError RCode? If you'd also like to see this feature, I'd like to provide a PR implemented with golang.org/x/net/dns/dnsmessage. Thank you.

ncruces commented 1 year ago

That's a reasonable RFE. I'd rather not introduce the dependency, unless strictly necessary.

I'll look it through, and maybe fuzz my parser against x/net/dns, but I'm pretty confident in it.

radaiming commented 1 year ago

Thanks!

ncruces commented 1 year ago

Can you check if this fixes it for you?

radaiming commented 1 year ago

Thanks, I verified with tcpdump and it works! But the library doesn't cache negative responses only when setting dns.NegativeCache(true); according to the doc (comment), it seems it should be set to false?

ncruces commented 1 year ago

Well, that's odd.

It should cache if dns.NegativeCache(true) (which is the default) and not cache if explicitly set to dns.NegativeCache(false).

This isn't well covered in tests, but I'll check.

ncruces commented 1 year ago

Please see: https://github.com/ncruces/go-dns/blob/f185daa6732a49c4371bd6a1b0dc24a5efdd5069/cache_test.go#L50-L70

dns.NegativeCache(false) avoids caching negative responses (not setting it speeds them up by over 10×).

radaiming commented 1 year ago

Just tested again and you're correct, thanks and sorry for my mistake 🫣
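Added example, not part of the thread and not go-dns's own code: a standard-library-only sketch of the decision discussed above, reading the RCODE straight from the 12-byte DNS header to decide whether a response may be cached. The names `Cacheable` and `header`, and the exact policy (NXDOMAIN and empty NoError answers count as negative; SERVFAIL, REFUSED and truncated responses are never cached), are assumptions of this example.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// RCODE values from the DNS header (RFC 1035, section 4.1.1).
const rcodeNoError, rcodeNXDomain = 0, 3

var errShort = errors.New("dns: message shorter than 12-byte header")

// Cacheable reports whether a raw DNS response may be stored.
// Policy (an assumption of this example, not go-dns's code):
//   - NoError with answers: always cacheable
//   - NXDOMAIN, or NoError with no answers (NODATA): only if negative is true
//   - other RCODEs (SERVFAIL, REFUSED, ...), queries, truncated: never
func Cacheable(msg []byte, negative bool) (bool, error) {
	if len(msg) < 12 {
		return false, errShort
	}
	flags := binary.BigEndian.Uint16(msg[2:4])
	ancount := binary.BigEndian.Uint16(msg[6:8])
	if flags&0x8000 == 0 || flags&0x0200 != 0 { // QR clear (a query) or TC set
		return false, nil
	}
	switch rcode := flags & 0x000f; {
	case rcode == rcodeNoError && ancount > 0:
		return true, nil
	case rcode == rcodeNXDomain, rcode == rcodeNoError:
		return negative, nil
	}
	return false, nil
}

// header builds a constructed 12-byte header (sample input for the demo).
func header(flags, ancount uint16) []byte {
	h := make([]byte, 12)
	binary.BigEndian.PutUint16(h[2:4], flags)
	binary.BigEndian.PutUint16(h[6:8], ancount)
	return h
}

func main() {
	ok, _ := Cacheable(header(0x8182, 0), true) // QR|RD|RA, RCODE 2 (SERVFAIL)
	fmt.Println("SERVFAIL cacheable:", ok)
}
```

Keeping failure RCODEs out of the cache means a transient upstream error is retried on the next lookup instead of being served from the cache until its entry expires.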