* pass through nxdomain results
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* return srvfail and nodata results
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* cover more response cases
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* get data reqd to record latency before calling toFuncs
* refactor out unnecessary toFunc wrappers
* remove latency metric unit tests per PR feedback
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
Various improvements to the documentation. Started because `⚠️`
isn't a markdown feature (replace with Note:).
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/dnstap: remove config struct
this struct is an uneeded intermidiate to get a dnstap it can be
removed. Remove the dnstapio subpkg: it's also not needed. Make *many*
functions and structs private now that we can.
Signed-off-by: Miek Gieben <miek@miek.nl>
* correct logging
Signed-off-by: Miek Gieben <miek@miek.nl>
* forward: add example with multiple DoT upstreams
Remove Bugs section as this is a nice work around.
h/t https://twitter.com/mholt6/status/1284250606673080321
Signed-off-by: Miek Gieben <miek@miek.nl>
* Actually remove bugs section
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/dnstap: remove encoder*.go
Those files reimplemented parts of the dnstap spec, we can just use the
dnstap functions for that. This leaves all the queuing that is enabled
and drops messages if the dnstap reader can't keep up. In the new code
flush() would never return an error (at least I couldn't make it do so),
so the reconnect functionally is moved to kick off when we get write
errors.
Some smaller cosmetic changes as well, `d.socket` is now `proto`, which
makes the dial() function smaller.
Total testing time is now <1s (which was the impetus to look into this
plugin *again*).
See #4238
The buffered channel needs to be sized correctly, as we may need to do
some queing if the dnstap reader can't keep up.
Signed-off-by: Miek Gieben <miek@miek.nl>
* add missing file
Signed-off-by: Miek Gieben <miek@miek.nl>
* update doc on queing
Signed-off-by: Miek Gieben <miek@miek.nl>
* initial commit
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* convert endpointslices to object.endpoints
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add opt hard coded for now
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* check that server supports endpointslice
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix import grouping
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* dont use endpoint slice in 1.17 or 1.18
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* bump kind/k8s in circle ci to latest
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* drop k8s to latest supported by kind
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use endpointslice name as endoint Name; index by Service name
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* use index key comparison in nsAddrs()
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add Index to object.Endpoint fixtures; fix direct endpoint name compares
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add slice dup check and test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* todo
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add ep-slice skew dup test for reverse
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* nsaddrs: de-dup ep-slice skew dups; add test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove todo
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* address various feedback
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* consolidate endpoint/slice informer code
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix endpoint informer consolidation; use clearer func name
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* log info; use major/minor fields
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* fix nsAddr and unit test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* add latency tracking for endpointslices
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* endpointslice latency unit test & fix
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* code shuffling
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* rename endpointslices in tests
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove de-dup from nsAddrs and test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* remove de-dup from findServices / test
Signed-off-by: Chris O'Haver <cohaver@infoblox.com>
* Speed up testing
* make notification run in the background, this recudes the test_readme
time from 18s to 0.10s
* reduce time for zone reload
* TestServeDNSConcurrent remove entirely. This took a whopping 58s for
... ? A few minutes staring didn't reveal wth it is actually testing.
Making values smaller revealed race conditions in the tests. Remove
entirely.
* Move many interval values to variables so we can reset them to short
values for the tests.
* test_large_axfr: make the zone smaller. The number used 64K has no
rational, make it 64/10 to speed up.
* TestProxyThreeWay: use client with shorter timeout
A few random tidbits in other tests.
Total time saved: 177s (almost 3m) - which makes it worthwhile again to
run the test locally:
this branch:
~~~
ok github.com/coredns/coredns/test 10.437s
cd plugin; time go t ./...
5,51s user 7,51s system 11,15s elapsed 744%CPU (
~~~
master:
~~~
ok github.com/coredns/coredns/test 35.252s
cd plugin; time go t ./...
157,64s user 15,39s system 50,05s elapsed 345%CPU ()
~~~
tests/ -25s
plugins/ -40s
This brings the total on 20s, and another 10s can be saved by fixing
dnstapio. Moving this to 5s would be even better, but 10s is also nice.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Also 0.01
Signed-off-by: Miek Gieben <miek@miek.nl>
sed -i 's/Also See/See Also/' plugin/**/README.md
Some plugins did already use 'See Also', so it's all consistent now.
Fixes: #4196
Signed-off-by: Miek Gieben <miek@miek.nl>
Include:
1. plugin/forward/type.go:8:2: const typeUdp should be typeUDP
2. plugin/forward/type.go:9:2: const typeTcp should be typeTCP
3. plugin/forward/type.go:10:2: const typeTls should be typeTLS
4. plugin/kubernetes/metrics.go:24:2: var DnsProgrammingLatency should be DNSProgrammingLatency
5. plugin/kubernetes/metrics_test.go:124:102: func parameter clusterIp should be clusterIP
Signed-off-by: zouyu <zouy.fnst@cn.fujitsu.com>
This commit uses a cancelable context to spawn goroutines that refresh
records from a cloud DNS provider. The Caddy shutdown routine uses the
returned cancel function to terminate existing goroutines when a USR1
reload signal is received.
Signed-off-by: Matt Kulka <mkulka@parchment.com>
* plugin/autopath: slightly tweaks the docs
Make the first sentence of the intro slightly easier to read. Refer to a
bugs section, just like other plugins do.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/autopath/README.md
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Not sure why this is proving so difficult.. pointers are hard? [Was
tempted to rollback all tweaks here, but the original issue we're fixing
it too important to not have a proper fix].
But we need to make a copy of the message at the earliest point in the
handler because we are changing it (adding an opt rr). If we do this on
the original message (which is a pointer) we change it (obvs). When
undoing those changes we do work on a copy.
Re: testing. There isn't a explicit test for this, so I've added on to
the top-level test/ directory, which indeed makes the issue visible:
master:
~~~
go test -v -run=TestLookupCacheWithoutEdns
=== RUN TestLookupCacheWithoutEdns
cache_test.go:154: Expected no OPT RR, but got:
;; OPT PSEUDOSECTION:
; EDNS: version 0; flags: do; udp: 2048
--- FAIL: TestLookupCacheWithoutEdns (0.01s)
FAIL
~~~
This branch:
~~~
% go test -v -run=TestLookupCacheWithoutEdns
=== RUN TestLookupCacheWithoutEdns
--- PASS: TestLookupCacheWithoutEdns (0.01s)
PASS
ok github.com/coredns/coredns/test 0.109s
~~~
Signed-off-by: Miek Gieben <miek@miek.nl>
Was running coredns-master on my servers and kept seeing:
~~~
okt 14 10:38:06.473281 deb coredns[30303]: [INFO] plugin/transfer: Outgoing incremental transfer for up to date zone "miek.nl." to 37.97.149.87 for 1602370680 SOA serial
okt 14 10:40:06.498512 deb coredns[30303]: [INFO] plugin/transfer: Outgoing incremental transfer for up to date zone "miek.nl." to 37.97.149.87 for 1602370680 SOA serial
okt 14 10:42:06.553747 deb coredns[30303]: [INFO] plugin/transfer: Outgoing incremental transfer for up to date zone "miek.nl." to 37.97.149.87 for 1602370680 SOA serial
~~~
and I'm like shouldn't that be noop transfer? And sure enough, a
duplicated code block in the transfer code that logs this, so the `noop`
line is never reached.
Signed-off-by: Miek Gieben <miek@miek.nl>
By checking state.Do() were are checking if the request had DO, but
we are _always_ adding Do now - do we need to save the DO from the
ORIGINAL request, which must be done in the ResponseWriter.
Also skip OPT records in filterDNSSEC as we can't set the TTL on those
records, this prevents writing a number to OPT's MBZ.
Note none of the tests have changed and still PASS. This is due to
the fact that CoreDNSServerAndPorts isn't a full server as we start in
main, it lacks the scrubwriter for instance. This is not bad per se, but
should be documented in the test code.
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/dnstap: various cleanups
A recent issue made me look into this plugin, I suspect various other
cleanups (hopefully deletion of code) can be made as well
Remove identical functions ToClientQuery etc, and just use tap.Message
as the base type in plugin. Keep msg/ for a few helper functions that
may proof useful.
This remove the whole test directory as we will just check the things we
are interested in which gives much better feedback and keeps that code
closer together.
tapwr dir is also not needed, writer_test.go was just duplicating the
tests already done. This moves writer.go to the top directory.
Make the only user of dnstap, the forward plugin, use the newer code
also remove the test, a better test there would be a full e2e test to
see the correct thing happens.
Cleanup the Tapper interface and move it to dnstapio where it belongs,
remove higher level interfaces that are not used. This remove
dnstap.Tapper and dnstap.IORoutines.
Use the standard mechanism for getting access to a plugin and remove
shuffling the plugin into the context.
Signed-off-by: Miek Gieben <miek@miek.nl>
* use opts to get the correct proto
Signed-off-by: Miek Gieben <miek@miek.nl>
* Various fixes
Signed-off-by: Miek Gieben <miek@miek.nl>
* Remove bad addr test, as dnstap is only called from within coredns where these fields have been preparsed
Signed-off-by: Miek Gieben <miek@miek.nl>
* dnstap: remove saving the error
all these fields have been preparsed, no need for dnstap to be pedantic
and check (and save!) this error again.
Simplifies it a bit more.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/forward/dnstap.go
Co-authored-by: Ruslan Drozhdzh <30860269+rdrozhdzh@users.noreply.github.com>
* Code review
Signed-off-by: Miek Gieben <miek@miek.nl>
* add back in preferUDP
Signed-off-by: Miek Gieben <miek@miek.nl>
* nit
Signed-off-by: Miek Gieben <miek@miek.nl>
Co-authored-by: Ruslan Drozhdzh <30860269+rdrozhdzh@users.noreply.github.com>
* plugins/auto: allow fallthrough if no zone match
this is a solution to #3033
Signed-off-by: Macks <macksme@outlook.com>
* plugin/auto.go remove whitespace
Signed-off-by: Macks <macksme@outlook.com>
* Add proto and client-ip trace tags
Signed-off-by: Adam Malcontenti-Wilson <amalcontenti-wilson@zendesk.com>
* Commit my own suggestion
Signed-off-by: Miek Gieben <miek@miek.nl>
Co-authored-by: Adam Malcontenti-Wilson <amalcontenti-wilson@zendesk.com>
The filtering of DNSSEC records in the cache plugin was not done
correctly. Also the change to introduced this bug didn't take into
account that the cache - by virtue of differentiating between DNSSEC and
no-DNSSEC - relied on not copying the data from the cache.
This change copies and then filters the data and factors the filtering
into a function that is used in two places (albeit with on ugly boolean
parameters to prevent copying things twice).
Add tests, do_test.go is moved to test/cache_test.go because the OPT
handing is done outside of the cache plugin. The core server re-attaches
the correct OPT when replying, so that makes for a better e2e test.
Added small unit test for filterRRslice and an explicit test that asks
for DNSSEC first and then plain, and vice versa to test cache behavior.
Fixes: #4146
Signed-off-by: Miek Gieben <miek@miek.nl>
* For caddy v1 in our org
This RP changes all imports for caddyserver/caddy to coredns/caddy. This
is the v1 code of caddy.
For the coredns/caddy repo the following changes have been made:
* anything not needed by us is deleted
* all `telemetry` stuff is deleted
* all its import paths are also changed to point to coredns/caddy
* the v1 branch has been moved to the master branch
* a v1.1.0 tag has been added to signal the latest release
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix imports
Signed-off-by: Miek Gieben <miek@miek.nl>
* Group coredns/caddy with out plugins
Signed-off-by: Miek Gieben <miek@miek.nl>
* remove this file
Signed-off-by: Miek Gieben <miek@miek.nl>
* Relax import ordering
github.com/coredns is now also a coredns dep, this makes
github.com/coredns/caddy fit more natural in the list.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix final import
Signed-off-by: Miek Gieben <miek@miek.nl>
* cache: default to DNSSEC
This change does away with the DNS/DNSSEC distinction the cache
currently makes. Cache will always make coredns perform a DNSSEC query
and store that result. If a client just needs plain DNS, the DNSSEC
records are stripped from the response.
It should also be more memory efficient, because we store a reply once
and not one DNS and another for DNSSEC.
Fixes: #3836
Signed-off-by: Miek Gieben <miek@miek.nl>
* Change OPT RR when one is present in the msg.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Fix comment for isDNSSEC
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/cache/handler.go
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* Update plugin/cache/item.go
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* Code review; fix comment for isDNSSEC
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update doc and set AD to false
Set Authenticated Data to false when DNSSEC was not wanted. Also update
the readme with the new behavior.
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/cache/handler.go
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* plugin/trace: fix struct allignment
A 64 bit entity needs to be the first in a struct to make it work on 32
bit systems.
Fixes: #4111
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/erratic does makes the same mistake
Signed-off-by: Miek Gieben <miek@miek.nl>
* plugin/forward: init ClientSessionCache in tls.Config
- ClientSessionCache may speed up a TLS handshake in upcoming connections
to the same TLS server
Signed-off-by: Ruslan Drozhdzh <rdrozhdzh@infoblox.com>
* add comment
Signed-off-by: Ruslan Drozhdzh <rdrozhdzh@infoblox.com>
* Enable debug globally if enabled in any server config
It was currently enabled only if the plugin debug
was enabled in the last server config of the Corefile.
Signed-off-by: Olivier Lemasle <o.lemasle@gmail.com>
* Add test and update debug's README
Signed-off-by: Olivier Lemasle <o.lemasle@gmail.com>
* Update README.md
Specify that serial must change for the zone file to be reloaded.
Signed-off-by: Grant Garrett-Grossman <grantlg2@illinois.edu>
* Update plugin/auto/README.md
Co-authored-by: Miek Gieben <miek@miek.nl>
Signed-off-by: Grant Garrett-Grossman <grantlg2@illinois.edu>
Co-authored-by: Miek Gieben <miek@miek.nl>
* plugin/etcd: update documention
Make clear(er) how this plugin find records.
Fixes: #4048
Signed-off-by: Miek Gieben <miek@miek.nl>
* Update plugin/etcd/README.md
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* Update plugin/etcd/README.md
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
Co-authored-by: Chris O'Haver <cohaver@infoblox.com>
* Fix wildcard records issue in rout53 plugin
This PR tries to address 4035 where wild card records does not return
correctly in route53 plugin. The issue was that `strings.Index(s, substr string)`
expect substr to be a string but the code defines as char.
This PR fixes 4035.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
* Fix failed tests
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>