Hi, On 30/09/2022 17:56, Christian Joffre Calva Urrego via dnsdist wrote:
We currently use dnsdist 1.4 and have a PowerDNS Recursor configured as downstream server. Everything has a standard minimum configuration, with.. client-tcp-timeout=60 .. configured on the PDNS Recursor. The point is that in PDNS Recursor we can see the following entry log: .. pdns_recursor: Timeout from remote TCP client <IP_DNSDIST> ..We have been investigating and apparently the dnsdist does not close the TCP sessions with the configured downstream server (PDNS Recursor), having to close them the PDNS Recursor.Is there a setting in dnsdist to set idle time of a TCP connection to a backend server?
I'm afraid there isn't.
What is the default lifetime of a TCP session in dnsdist, once it is waiting and not being used?
dnsdist only closes an idle outgoing TCP connection if it is already has 'setMaxCachedTCPConnectionsPerDownstream' [1] idle connections to that backend in cache, or if the connection will not be reusable (because the proxy protocol is enabled, for example). Apart from that it tries to keep the connection alive for as long as possible, checking that the connection is still usable before trying to use it to forward a new query. This is based on the reasoning that establishing a new TCP connection to a backend is not cheap and has an important cost in term of latency.
Are you experiencing any functional problem, apart from an entry in the recursor's logs? You did not share the version of the recursor you are using, but in recent version this warning is only written to the logs when 'log-common-errors' is set to 'yes'.
[1]: https://dnsdist.org/reference/tuning.html#setMaxCachedTCPConnectionsPerDownstream
-- Remi Gacogne PowerDNS.COM BV - https://www.powerdns.com/
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
