[DNS] Allow DNS SOA settings in Consul #4713

Closed
pierresouchay opened this issue Sep 26, 2018 · 1 comment · Fixed by #4714
Labels
type/enhancement Proposed improvement or new feature


@pierresouchay

We have an issue with the IPv6 stack trying to resolve a lot of AAAA records in datacenters with IPv6 support.

On those datacenters, clients now always try to use AAAA records, and this is putting a significant load on the DNS servers for those requests, which are forwarded to some Consul agents.

On those datacenters, most of the service queries are performed with AAAA requests because clients are ONLY looking for IPv6 records. In Consul, the minimum TTL value is hardcoded to 0, so DNS implementations cannot cache those negative values and keep asking repeatedly for AAAA records on the zone, while no record will be returned.

We propose to add new SOA settings, so that the minimum TTL (which is used for negative TTL as described in https://tools.ietf.org/html/rfc2308) can be returned and DNS servers can cache this value and lower the load on Consul servers.

Settings and their default value (that would match the existing implementation) would be the following in DNS section of configuration:

```
SOA: {
  Refresh: 3600,
  Retry: 600,
  Expire: 86400,
  Minttl: 0
}
```

Would you consider a PR to fix this if we provide it?

Kind regards

pierresouchay commented Sep 26, 2018

PR implementation proposal: #4714

@pearkes pearkes added the type/enhancement Proposed improvement or new feature label Oct 8, 2018
mkeeler pushed a commit that referenced this issue Oct 10, 2018

This will allow fine-tuning the SOA settings sent by Consul in DNS responses,
for instance to be able to control negative ttl.

Will fix: #4713

# Example

Override all settings:

* min_ttl: 0 => 60s
* retry: 600 (10m) => 300s (5 minutes),
* expire: 86400 (24h) => 43200 (12h)
* refresh: 3600 (1h) => 1800 (30 minutes)

```
consul agent -dev -hcl 'dns_config={soa={min_ttl=60,retry=300,expire=43200,refresh=1800}}'
```

Result:
```
dig +multiline @localhost -p 8600 service.consul

; <<>> DiG 9.12.1 <<>> +multiline @localhost -p 8600 service.consul
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36557
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;service.consul.		IN A

;; AUTHORITY SECTION:
consul.			0 IN SOA ns.consul. hostmaster.consul. (
				1537959133 ; serial
				1800       ; refresh (30 minutes)
				300        ; retry (5 minutes)
				43200      ; expire (12 hours)
				60         ; minimum (1 minute)
				)

;; Query time: 4 msec
;; SERVER: 127.0.0.1#8600(127.0.0.1)
;; WHEN: Wed Sep 26 12:52:13 CEST 2018
;; MSG SIZE  rcvd: 93
```
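RFC 2308, which the issue cites, sets the lifetime of a cached negative answer to the minimum of the SOA record's own TTL and its MINIMUM field. The following added example (not code from the issue, the PR or Consul; the function names are illustrative) parses an authority section in `dig +multiline` layout and computes that value, using a constructed sample with the values from the output above.

```python
import re

# Constructed sample: authority section in `dig +multiline` layout, using the
# values shown in the quoted dig output.
SAMPLE = """\
;; AUTHORITY SECTION:
consul.            0 IN SOA ns.consul. hostmaster.consul. (
                1537959133 ; serial
                1800       ; refresh (30 minutes)
                300        ; retry (5 minutes)
                43200      ; expire (12 hours)
                60         ; minimum (1 minute)
                )
"""

SOA_HEAD = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+SOA\s+(\S+)\s+(\S+)\s+\(\s*$")
SOA_FIELD = re.compile(r"^\s*(\d+)\s*;\s*(serial|refresh|retry|expire|minimum)\b")


def parse_soa(dig_output):
    """Return the first SOA record in dig +multiline output as a dict, or None."""
    soa = None
    for line in dig_output.splitlines():
        if soa is None:
            m = SOA_HEAD.match(line)
            if m:
                soa = {"zone": m.group(1), "ttl": int(m.group(2)),
                       "mname": m.group(3), "rname": m.group(4)}
            continue
        m = SOA_FIELD.match(line)
        if m:
            soa[m.group(2)] = int(m.group(1))
        elif line.strip() == ")":
            return soa
    return None  # no SOA found, or record cut off before the closing parenthesis


def negative_cache_ttl(soa):
    """RFC 2308: negative answers are cached for min(SOA TTL, SOA MINIMUM)."""
    return min(soa["ttl"], soa["minimum"])


if __name__ == "__main__":
    record = parse_soa(SAMPLE)
    print(record)
    print("negative cache TTL:", negative_cache_ttl(record), "seconds")
```

On the sample the result is 0 seconds: the MINIMUM field is 60, but the SOA record's own TTL in that output is 0, so both values are worth checking when verifying that negative answers are cacheable.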