Re: Weird behavior when using DoH with the multi interface

Tue, 04 Jun 2024 08:25:17 -0700

This would seem to still leave the doh connections consuming data connections' cache quota.
That is, doh can crowd out data connections, or at least makes the connection limit hard to explain or manage. 


The application has no control over how many DNS transactions it takes 
to resolve, e.g. a redirect/cname chain.  So picking a limit would 
require guesswork.



UDP DNS transactions don't count against the connection limit (Do TCP if 
you have to fall back due to truncation?), so I don't see why doh 
should.  Certainly neither count if you resolve thru glib.  In any case, 
the DNS and data transfer processes are separate.



An alternate approach would be to not count the DOH connections at all - 
or keep a separate cache and/or quota for them.   You probably don't 
want a long-lived libcurl user to keep DOH connections forever, or to 
cache very large numbers.  So a separate limit seems like the right 
approach.


Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.

On 04-Jun-24 10:59, Daniel Stenberg via curl-library wrote:

On Tue, 4 Jun 2024, Daniel Stenberg via curl-library wrote:


Interesting case. I think we should make DoH requests exempt from 
that check/restriciton, as otherwise you can end up in this kind of 
catch-22 situation.


kartatz, how about a patch like this?

--- a/lib/url.c
+++ b/lib/url.c

@@ -3661,12 +3661,16 @@ static CURLcode create_conn(struct Curl_easy 
*data,

       /* The cache is full. Let's see if we can kill a connection. */
       conn_candidate = Curl_conncache_extract_oldest(data);
       if(conn_candidate)
         Curl_disconnect(data, conn_candidate, FALSE);
       else {
-        infof(data, "No connections available in cache");
-        connections_available = FALSE;
+        if(data->set.dohfor)
+          infof(data, "Allowing DoH to override max connection limit");
+        else {
+          infof(data, "No connections available in cache");
+          connections_available = FALSE;
+        }
       }
     }

     if(!connections_available) {
       infof(data, "No connections available.");




Attachment:
OpenPGP_signature.asc

Description: OpenPGP digital signature


-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html






















					Reply via email to