rootwyrm / dns_docker

Complete DNS suite for use in Docker

dnsdist cache not behaving as expected #15

Closed rootwyrm closed 4 years ago

rootwyrm commented 4 years ago

Currently discussing this with the developers on the mailing list; testing is showing that dnsdist is not caching properly under the Docker container. Tagging this as a blocker, as it severely degrades performance on RPi4 - 32qps for dnsdist with pure C++ rules, against a 250,000qps nsd instance.

Cache failures without +noedns +nocookie set in dig are covered by: https://github.com/PowerDNS/pdns/issues/5131

Does not reproduce on 1.4.0 on FreeBSD:

dntest.dh
FreeBSD 12.1-RELEASE
net.inet.tcp.fastopen.server_enable=1
net.inet.tcp.fastopen.client_enable=1
net.inet.tcp.fastopen.acceptany=1

DNS Performance Testing Tool
Version 2.3.4

[Status] Command line: dnsperf -m tcp -d query-root.txt -T 4 -c 100 -n 100000 -s 10.1.0.60
[Status] Sending queries (to 10.1.0.60)
[Status] Started at: Thu Jul  2 16:50:00 2020
[Status] Stopping after 100000 runs through file
[Status] Testing complete (end of file)

Statistics:

  Queries sent:         2600000
  Queries completed:    2600000 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 2600000 (100.00%)
  Average packet size:  request 36, response 814
  Run time (s):         69.232831
  Queries per second:   37554.437143

  Average Latency (s):  0.001506 (min 0.000219, max 0.044860)
  Latency StdDev (s):   0.001224

> getPool("localroot"):getCache():printStats()
Entries: 52/1024
Hits: 2612939
Misses: 61
Deferred inserts: 0
Deferred lookups: 0
Lookup Collisions: 0
Insert Collisions: 0
TTL Too Shorts: 0

rootwyrm commented 4 years ago

Managed to get one to cache correctly using network_type: host but under bridge it's still misbehaving. I suspect that Docker bridge is manipulating DNS (since it's designed to play games with DNS for swarm and the like.)

rootwyrm commented 4 years ago

Results with functioning cache on RPi4:

Linux rivermane 5.4.34-0-rpi4 #1-Alpine SMP PREEMPT Wed Apr 22 20:03:53 UTC 2020 aarch64 Linux

[Status] Command line: dnsperf -m tcp -d query-root.txt -T 4 -c 100 -n 100000 -s 10.1.0.82
[Status] Sending queries (to 10.1.0.82)
[Status] Started at: Thu Jul  2 17:59:58 2020
[Status] Stopping after 100000 runs through file
[Status] Testing complete (end of file)

Statistics:

  Queries sent:         2600000
  Queries completed:    2600000 (100.00%)
  Queries lost:         0 (0.00%)

  Response codes:       NOERROR 2600000 (100.00%)
  Average packet size:  request 36, response 814
  Run time (s):         198.023656
  Queries per second:   13129.744458

  Average Latency (s):  0.007206 (min 0.000313, max 0.137878)
  Latency StdDev (s):   0.016528

rootwyrm commented 4 years ago

Issue only persists when network type is bridge... Docker mangles DNS causing cache miss.
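
The cache misses that the first comment ties to running dig without +noedns +nocookie can be reproduced in a small model. This is an added example, not part of the original thread and not dnsdist's code: it assumes a packet cache keyed on a hash of the query bytes after the ID, and every function name in it is hypothetical.

```python
import hashlib
import os
import struct

COOKIE = 10  # EDNS option code for DNS cookies (RFC 7873)

def build_query(cookie=None, edns=True):
    """Root NS query in wire format, optionally with an OPT RR and a client cookie."""
    header = struct.pack("!HHHHHH", int.from_bytes(os.urandom(2), "big"),
                         0x0100, 1, 0, 0, 1 if edns else 0)
    question = b"\x00" + struct.pack("!HH", 2, 1)  # qname ".", type NS, class IN
    if not edns:
        return header + question
    opts = struct.pack("!HH", COOKIE, len(cookie)) + cookie if cookie else b""
    # OPT RR: root owner, type 41, class = UDP payload size, TTL = flags, RDLEN
    return header + question + b"\x00" + struct.pack("!HHIH", 41, 4096, 0, len(opts)) + opts

def raw_key(pkt):
    """Assumed cache key: hash of the whole query except the 2-byte ID."""
    return hashlib.sha256(pkt[2:]).digest()

def cookie_blind_key(pkt):
    """Same hash, but any COOKIE option (and RDLEN) is left out of the hashed bytes."""
    arcount = struct.unpack("!H", pkt[10:12])[0]
    if arcount == 0:
        return hashlib.sha256(pkt[2:]).digest()
    opts_start = 12 + 5 + 11  # header + root question + fixed part of the OPT RR
    kept, pos = b"", opts_start
    while pos < len(pkt):
        code, length = struct.unpack("!HH", pkt[pos:pos + 4])
        if code != COOKIE:
            kept += pkt[pos:pos + 4 + length]
        pos += 4 + length
    return hashlib.sha256(pkt[2:opts_start - 2] + kept).digest()

def hit_ratio(packets, key_fn):
    """Replay queries through a set-backed cache and return hits / total."""
    seen, hits = set(), 0
    for pkt in packets:
        key = key_fn(pkt)
        hits += key in seen
        seen.add(key)
    return hits / len(packets)

if __name__ == "__main__":
    fresh = [build_query(cookie=os.urandom(8)) for _ in range(100)]  # constructed input
    plain = [build_query(edns=False) for _ in range(100)]            # constructed input
    print(hit_ratio(fresh, raw_key), hit_ratio(plain, raw_key), hit_ratio(fresh, cookie_blind_key))
```

With a fresh client cookie on every query the raw key never repeats, while the same queries without EDNS, or hashed with the cookie skipped, hit on every query after the first.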