Comments (3)
I stumbled over all the TTL-related issues in aardvark-dns yesterday and am trying to make sense of the story. What was the original idea behind a 24 hour TTL for an information that is potentially different on every lookup? This is the state Debian consumers will probably have to deal with for the next couple of years. There's nothing more recent than 1.4.0 on the roadmap as far as I can tell.
The solution, to drop the TTL to one minute in 1.6.0, is another poor choice IMHO. The fact that "normal resolvers" wouldn't cache this information at all even came up in the discussion. Yet, it was decided to continue on this path. The motivation for this isn't entirely clear to me. Trying to solve performance issues here seems like very premature optimization and the approach just introduces new issues. This behavior must be in the control of the user.
dnsmasq provides a --local-ttl
option, for which the documentation says (emphasis mine):
When replying with information from /etc/hosts or configuration or the DHCP leases file dnsmasq by default sets the time-to-live field to zero, meaning that the requester should not itself cache the information. This is the correct thing to do in almost all situations. This option allows a time-to-live (in seconds) to be given for these replies. This will reduce the load on the server at the expense of clients using stale data under some circumstances.
If anything, setting a non-zero TTL on aardvark-dns responses should be the challenge here, not fighting stale DNS caches.
from aardvark-dns.
Making it configurable sounds good, but problem is that then config has to be propagated through podman or some environment variable since users don't directly call aardvark-dns
. @Luap99 WDYT ?
from aardvark-dns.
Related Issues (20)
- Add host.containers.internal entry in aardvark-dns HOT 3
- [NOT UPSTREAM PROBLEM] test `packit propose-downstream` HOT 2
- [packit] Propose downstream failed for release v1.7.0
- test_backend_network_scoped_custom_dns_server fails HOT 3
- Updating trust-dns HOT 1
- DNS requests timeout HOT 24
- Is there a way to reserve or limit IP addresses when using DNS? HOT 1
- CI flake: three networks with a connect HOT 1
- When forward dns request to outside name server, `aardvark-dns` should check and ignore its own listening IPs or error out, to avoid infinite recursion. HOT 1
- Setting invalid options in /etc/resolv.conf makes dns unresponsive HOT 1
- Reverse lookups in podman return `.` for domain name in answer section
- Rootful containers on debian sid host unable to resolve DNS HOT 4
- [packit] Propose downstream failed for release v1.11.0 HOT 1
- Publishing udp range larger than 16383 ending with 65535 breaks dns resolution on user defined networks with root networking. HOT 5
- DNS server fallback not working HOT 10
- future improvements and issues found in my reworks HOT 2
- support internal ipvlan/macvlan networks HOT 3
- test: replace slirp4netns with pasta HOT 1
- DNS Stops working after some time in bridge network HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aardvark-dns.