Wider testing in production (by Ralf Hildenbrandt) has identified that
the mDNS support added in 3.4 can produce a large amount of
multicast traffic from .arpa lookups even if mDNS is not set up on the
local network.
Add a configuration option dns_multicast_local to turn mDNS lookups
ON/OFF and remove the DNS lag introduced by these useless lookups.
FUTURE WORK:
It would be nice to implement a fast mechanism for determining whether
the PTR lookups are for LAN or WAN addresses
to decide better whether to send the query as mDNS.
Amos
=== modified file 'src/SquidConfig.h'
--- src/SquidConfig.h 2013-06-18 06:22:13 +0000
+++ src/SquidConfig.h 2013-07-31 13:33:10 +0000
@@ -355,6 +355,7 @@
int memory_cache_disk;
int hostStrictVerify;
int client_dst_passthru;
+ int dns_mdns;
} onoff;
int pipeline_max_prefetch;
=== modified file 'src/cf.data.pre'
--- src/cf.data.pre 2013-07-27 13:37:29 +0000
+++ src/cf.data.pre 2013-07-31 14:04:53 +0000
@@ -8332,6 +8332,19 @@
Squid to handle single-component names, enable this option.
DOC_END
+NAME: dns_multicast_local
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: on
+DEFAULT_DOC: Search for .local and .arpa names is enabled.
+LOC: Config.onoff.dns_mdns
+DOC_START
+ When set to on, Squid sends multicast DNS lookups on the local
+ network for domains ending in .local and .arpa.
+ This enables local servers and devices to be contacted in an
+ ad-hoc or zero-configuration network environment.
+DOC_END
+
NAME: dns_nameservers
TYPE: wordlist
DEFAULT: none
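Review bot: The DOC_START text for `dns_multicast_local` does not mention that mDNS has no authentication, so an answer can come from any host on the local link; with `DEFAULT: on` this applies to sites that never set up mDNS. I would add a sentence such as `mDNS replies can originate from any host on the local segment; set this to off where that segment is not trusted.` It would also help to say explicitly that reverse (.arpa) lookups are multicast, since that is the traffic the commit message reports as the problem. The directive name and its `LOC:` field `dns_mdns` differ, so a short comment beside the field in SquidConfig.h naming the directive would make it easier to trace.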
=== modified file 'src/dns_internal.cc'
--- src/dns_internal.cc 2013-07-10 12:38:36 +0000
+++ src/dns_internal.cc 2013-07-31 13:33:31 +0000
@@ -268,6 +268,9 @@
static void
idnsCheckMDNS(idns_query *q)
{
+ if (!Config.onoff.dns_mdns || q->permit_mdns)
+ return;
+
size_t slen = strlen(q->name);
if (slen > 6 && memcmp(q->name +(slen-6),".local", 6) == 0) {
q->permit_mdns = true;
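Review bot: The new guard at the top of `idnsCheckMDNS` folds two different reasons for returning into one condition with no comment, while the equivalent guard in the next hunk is commented. A line such as `// mDNS disabled, or this query is already flagged for mDNS` would keep the two consistent. The suffix test in the context lines uses a case-sensitive `memcmp` against `.local`, so a name ending in `.LOCAL` is not flagged; `strcasecmp(q->name + (slen-6), ".local") == 0` would follow DNS's case-insensitive matching. The function body continues outside the hunk.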
@@ -279,6 +282,10 @@
{
nns_mdns_count=0;
+ // mDNS is disabled
+ if (!Config.onoff.dns_mdns)
+ return;
+
// mDNS resolver addresses are explicit multicast group IPs
if (Ip::EnableIpv6) {
idnsAddNameserver("FF02::FB");
@@ -717,21 +724,23 @@
storeAppendPrintf(sentry, "Internal DNS Statistics:\n");
storeAppendPrintf(sentry, "\nThe Queue:\n");
storeAppendPrintf(sentry, " DELAY SINCE\n");
- storeAppendPrintf(sentry, " ID SIZE SENDS FIRST SEND LAST SEND\n");
- storeAppendPrintf(sentry, "------ ---- ----- ---------- ---------\n");
+ storeAppendPrintf(sentry, " ID SIZE SENDS FIRST SEND LAST SEND M
FQDN\n");
+ storeAppendPrintf(sentry, "------ ---- ----- ---------- --------- -
----\n");
for (n = lru_list.head; n; n = n->next) {
q = (idns_query *)n->data;
- storeAppendPrintf(sentry, "%#06x %4d %5d %10.3f %9.3f\n",
+ storeAppendPrintf(sentry, "%#06x %4d %5d %10.3f %9.3f %c %s\n",
(int) q->query_id, (int) q->sz, q->nsends,
tvSubDsec(q->start_t, current_time),
- tvSubDsec(q->sent_t, current_time));
+ tvSubDsec(q->sent_t, current_time),
+ (q->permit_mdns? 'M':' '),
+ q->name);
}
if (Config.dns.packet_max > 0)
- storeAppendPrintf(sentry, "DNS jumbo-grams: %zd Bytes\n",
Config.dns.packet_max);
+ storeAppendPrintf(sentry, "\nDNS jumbo-grams: %zd Bytes\n",
Config.dns.packet_max);
else
- storeAppendPrintf(sentry, "DNS jumbo-grams: not working\n");
+ storeAppendPrintf(sentry, "\nDNS jumbo-grams: not working\n");
storeAppendPrintf(sentry, "\nNameservers:\n");
storeAppendPrintf(sentry, "IP ADDRESS
# QUERIES # REPLIES Type\n");
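Review bot: `q->name` is now written into the statistics report with `%s` and no escaping, in the `storeAppendPrintf` call inside the `lru_list` loop. The name is presumably derived from client requests, so the report now discloses which hosts are being resolved and carries whatever bytes the name holds. It is worth confirming that this report is reachable only through the cache manager access controls and recording that at the call, e.g. `// q->name is request-derived; shown to cache manager users only`. The enclosing function starts and ends outside the hunk.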
@@ -1816,7 +1825,7 @@
debugs(78, 3, "idnsPTRLookup: buf is " << q->sz << " bytes for " << ip <<
", id = 0x" << std::hex << q->query_id);
- q->permit_mdns = true;
+ q->permit_mdns = Config.onoff.dns_mdns;
idnsStartQuery(q, callback, data);
}
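Review bot: With the option on, every PTR lookup is still marked `permit_mdns`, so reverse lookups for non-local addresses are multicast on the local link, where any host may answer them. The description lists the LAN/WAN distinction as future work; until then I would record it at the assignment, e.g. `// TODO: limit to link-local/private ranges; mDNS answers are unauthenticated`. If PTR results feed hostname-based access rules (not visible here), an answer from the local segment could influence them, which is a reason to document `off` as the safer setting on untrusted segments. The function starts outside the hunk.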