Add a probe when the response rate limiting drops or slips query
Add a trace point that would report when a query gets dropped or slipped by rate limits. It reports the client IP, the zone, and the RRL result code. Co-authored-by: Paul Frieden <pfrieden@yahooinc.com>
This commit is contained in:
Ondřej Surý
@@ -12,21 +12,21 @@
|
||||
*/
|
||||
|
||||
provider libdns {
|
||||
probe xfrin_axfr_finalize_begin(void *);
|
||||
probe xfrin_axfr_finalize_end(void *, int);
|
||||
probe xfrin_connected(void *, int);
|
||||
probe xfrin_done_callback_begin(void *, int);
|
||||
probe xfrin_done_callback_end(void *, int);
|
||||
probe xfrin_journal_destroy_begin(void *, int);
|
||||
probe xfrin_journal_destroy_end(void *, int);
|
||||
probe xfrin_read(void *, int);
|
||||
probe xfrin_recv_answer(void *, void *);
|
||||
probe xfrin_recv_done(void *, int);
|
||||
probe xfrin_recv_parsed(void *, int);
|
||||
probe xfrin_recv_question(void *, void *);
|
||||
probe xfrin_recv_send_request(void *);
|
||||
probe xfrin_recv_start(void *, int);
|
||||
probe xfrin_recv_try_axfr(void *, int);
|
||||
probe xfrin_sent(void *, int);
|
||||
probe xfrin_start(void *);
|
||||
probe xfrin_axfr_finalize_begin(void *, char *);
|
||||
probe xfrin_axfr_finalize_end(void *, char *, int);
|
||||
probe xfrin_connected(void *, char *, int);
|
||||
probe xfrin_done_callback_begin(void *, char *, int);
|
||||
probe xfrin_done_callback_end(void *, char *, int);
|
||||
probe xfrin_journal_destroy_begin(void *, char *, int);
|
||||
probe xfrin_journal_destroy_end(void *, char *, int);
|
||||
probe xfrin_read(void *, char *, int);
|
||||
probe xfrin_recv_answer(void *, char *, void *);
|
||||
probe xfrin_recv_done(void *, char *, int);
|
||||
probe xfrin_recv_parsed(void *, char *, int);
|
||||
probe xfrin_recv_question(void *, char *, void *);
|
||||
probe xfrin_recv_send_request(void *, char *);
|
||||
probe xfrin_recv_start(void *, char *, int);
|
||||
probe xfrin_recv_try_axfr(void *, char *, int);
|
||||
probe xfrin_sent(void *, char *, int);
|
||||
probe xfrin_start(void *, char *);
|
||||
};
|
||||
|
||||
@@ -12,4 +12,5 @@
|
||||
*/
|
||||
|
||||
provider libns {
|
||||
probe rrl_drop(const char *, const char *, const char *, int);
|
||||
};
|
||||
|
||||
@@ -73,6 +73,8 @@
|
||||
#include <ns/stats.h>
|
||||
#include <ns/xfrout.h>
|
||||
|
||||
#include "probes.h"
|
||||
|
||||
#if 0
|
||||
/*
|
||||
* It has been recommended that DNS64 be changed to return excluded
|
||||
@@ -7051,6 +7053,25 @@ ns__query_sfcache(query_ctx_t *qctx) {
|
||||
return (ISC_R_COMPLETE);
|
||||
}
|
||||
|
||||
static void
|
||||
query_trace_rrldrop(query_ctx_t *qctx,
|
||||
dns_rrl_result_t rrl_result ISC_ATTR_UNUSED) {
|
||||
if (!LIBNS_RRL_DROP_ENABLED()) {
|
||||
return;
|
||||
}
|
||||
|
||||
char peerbuf[ISC_SOCKADDR_FORMATSIZE];
|
||||
isc_netaddr_t peer;
|
||||
isc_netaddr_fromsockaddr(&peer, &qctx->client->peeraddr);
|
||||
isc_netaddr_format(&peer, peerbuf, sizeof(peerbuf));
|
||||
|
||||
char qnamebuf[DNS_NAME_FORMATSIZE];
|
||||
char fnamebuf[DNS_NAME_FORMATSIZE];
|
||||
dns_name_format(qctx->client->query.qname, qnamebuf, sizeof(qnamebuf));
|
||||
dns_name_format(qctx->fname, fnamebuf, sizeof(fnamebuf));
|
||||
LIBNS_RRL_DROP(peerbuf, qnamebuf, fnamebuf, rrl_result);
|
||||
}
|
||||
|
||||
/*%
|
||||
* Handle response rate limiting (RRL).
|
||||
*/
|
||||
@@ -7184,6 +7205,12 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) {
|
||||
DNS_RRL_LOG_DROP, "%s", log_buf);
|
||||
}
|
||||
|
||||
/*
|
||||
* If tracing is enabled, format some extra information
|
||||
* to pass along.
|
||||
*/
|
||||
query_trace_rrldrop(qctx, rrl_result);
|
||||
|
||||
if (!qctx->view->rrl->log_only) {
|
||||
if (rrl_result == DNS_RRL_RESULT_DROP) {
|
||||
/*
|
||||
|
||||
Reference in New Issue
Block a user