[dnsdist] backend drops metrics for TCP
Hello!
when playing around with things to reduce the drop rate I noticed
that TCP based backends always have 0 drops in showServers() output and
these metrics:
dnsdist_server_drops
dnsdist_downstream_timeouts
Is that always the case and that counter has no meaning for TCP based
backends or can this counter be non-zero for TCP backends as well?
dnsdist's CPU usage doubled after switching to TCP via tcpOnly=true
and the DNS timeout rate as measured by the application generating the
queries running on the same host as dnsdist actually increased after
switching dnsdist to use TCP instead of UDP. So switching to TCP
eliminated the drops problem when measured by dnsdist but it made things
worse for the application.
All of these values are also at 0:
dnsdist_server_tcpdiedsendingquery{address="127.0.0.1:54"} 0
dnsdist_server_tcpdiedreadingresponse{address="127.0.0.1:54"} 0
dnsdist_server_tcpgaveup{address="127.0.0.1:54"} 0
dnsdist_server_tcpreadtimeouts{address="127.0.0.1:54"} 0
dnsdist_server_tcpwritetimeouts{address="127.0.0.1:54"} 0
dnsdist_server_tcpconnecttimeouts{address="127.0.0.1:54"} 0
dnsdist_server_latency and
dnsdist_server_tcplatency
are on the same level after switching to TCP for the specific backend.
Since sockets=NUM in newServer() is only for UDP and
dnsdist_server_tcpcurrentconnections{address="127.0.0.1:54"} 10
suggests it uses only 10 TCP sockets. How can this be configured?
sockets was set to 32, so this implicit change when sitching from UDP to
TCP might also have an effect here.
best regards,
Christoph
___
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist
Re: [dnsdist] Dnsdist as high availability mode
Hi, We have a big setup of dnsdist and we achieve high availability through anycast using OSPF. It is very reliable and easy to setup. Let me know if you would like more details or have any questions. On Mon, 11 Sep 2023 at 11:16 AM Remi Gacogne via dnsdist < dnsdist@mailman.powerdns.com> wrote: > Hi! > > On 10/09/2023 16:31, Affan Basalamah via dnsdist wrote: > > I want to know if it’s possible to setup dnsdist as two server and > > configured with first hop redundancy protocol such as VRRP (Keepalived > > on Linux, CARP on FreeBSD), so dnsdist can operate as highly available > > as possible, at least in fail over mode. > > > > If it’s possible, I haven’t seen the examples on the official dnsdist > > documentation. Can someone point me to any document or other references? > > Yes, I know of a few setups that are using dnsdist with Keepalived. > There is nothing particular to do on dnsdist's side to make it work, > which is why it's not mentioned in the documentation. > We will of course accept pull requests updating the documentation if you > find out that some parts could use some words, though :) > > Best regards, > -- > Remi Gacogne > PowerDNS.COM BV - https://www.powerdns.com/ > > ___ > dnsdist mailing list > dnsdist@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/dnsdist > ___ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
Re: [dnsdist] Dnsdist as high availability mode
Hi! On 10/09/2023 16:31, Affan Basalamah via dnsdist wrote: I want to know if it’s possible to setup dnsdist as two server and configured with first hop redundancy protocol such as VRRP (Keepalived on Linux, CARP on FreeBSD), so dnsdist can operate as highly available as possible, at least in fail over mode. If it’s possible, I haven’t seen the examples on the official dnsdist documentation. Can someone point me to any document or other references? Yes, I know of a few setups that are using dnsdist with Keepalived. There is nothing particular to do on dnsdist's side to make it work, which is why it's not mentioned in the documentation. We will of course accept pull requests updating the documentation if you find out that some parts could use some words, though :) Best regards, -- Remi Gacogne PowerDNS.COM BV - https://www.powerdns.com/ OpenPGP_signature.asc Description: OpenPGP digital signature ___ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
Re: [dnsdist] Dnsdist as high availability mode
Hi Affan, As dns is mostly stateless, you can certainly use things like VRRP, CARP or other protocols for an HA setup. Theirs is no dnsdist specific documentation on this because there's nothing "special" about dnsdist that VRRP/CARP needs to know. You could use any documentation for your VRRP / CARP / other protocol out there. That being said, I have two big remarks to make. A lot of people who have a need to achieve this failover capability, prefer to do it BGP based, as you have a bit more control and predictability over the BGP protocol than for instance with VRRP(e). If you would launch a search query for "bgp dnsdist" or "bgp dns", you'll find a ton of blogposts and howtos. Again here: these blogposts talk about the BGP implementation, not soo much about dnsdist. My second big remark is that dns has high-availability mechanisms built in: most TLDs require a minimum of 2 nameservers to be specified for authoritative name servers, all decent DNS client implementations allow you to specify more than one resolver. If you do this correctly, you'll achieve dns high-availability out of the box. Yes, there might be latency issues and you might get a higher rate of complaints from your users, but if those hiccups are short, the DNS protocol itself will fail over. Kind Regards, Frank Frank Louwers PowerDNS Certified Consultant @ Kiwazo.be > On 10 Sep 2023, at 16:31, Affan Basalamah via dnsdist > wrote: > > Hello, > > I want to know if it’s possible to setup dnsdist as two server and > configured with first hop redundancy protocol such as VRRP (Keepalived on > Linux, CARP on FreeBSD), so dnsdist can operate as highly available as > possible, at least in fail over mode. > > If it’s possible, I haven’t seen the examples on the official dnsdist > documentation. Can someone point me to any document or other references? > > > Best regards, > Affan > ___ > dnsdist mailing list > dnsdist@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/dnsdist ___ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
