Closed Bug 1493619 Opened 7 years ago Closed 7 years ago

DNS cache: pad very short TTLs with a grace period

Categories

(Core :: Networking: DNS, enhancement, P2)

Product:
Core
Component:
Networking: DNS
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla64
Tracking Flags:
Tracking Status
firefox64 --- fixed

People

(Reporter: daniel, Assigned: daniel)

Details

(Whiteboard: [necko-triaged])

Attachments

(1 file)

bug 1493619 - pad DNS entry grace period for low TTL cases
46 bytes, text/x-phabricator-request
Details | Review
(split out from bug 1463374) With proper support for DNS TTLs, we occasionally get responses with single-digit seconds life-times. This makes them expire from the cache ridiculously fast, and for TTL-support we don't set a grace period. Since the non-TTL version of the DNS cache still works fine with 60 second default TTL + 60 second grace timeout, there's a strong indicator that just adding a little grace will not break Firefox for users with TTL supported DNS resolves. I propose we set a grace for all TTLs less than a minute to pad out the cache life time to a full minute (at least). Like this: if (ttl < 60) { grace = 60 - ttl; }
Whiteboard: [necko-triaged]
MozReview-Commit-ID: 8AsmyaSYVJr
Is there a way to notice that we are breaking something? Do we have some telemetry probe? If we do not have any, we should add some, e.g. maybe black-listed address rate when a record is used in grace period.
Flags: needinfo?(daniel)
We don't have any decent probe to measure if this breaks anything. But again: we already set a 60 second grace period to *all* DNS entries when using the native resolver on Linux and mac so if adding (up to 60 seconds) grace would be a problem, that problem would already exist in Firefox on these platforms since a few years back. But adding some sort of counter for how many blacklisted addresses that are added while in grace period compared to non-grace could certainly be an interesting probe. However; isn't the blacklisting basically the only current method we have to disable further IPv6 attempts for specific hosts for the cases where you resolve IPv6 addresses but IPv6 isn't working (correctly) ? If so, then I presume those blocks will drown all other blocks.
Flags: needinfo?(daniel) → needinfo?(dd.mozilla)
Pushed by daniel@haxx.se: https://hg.mozilla.org/integration/autoland/rev/ddcd7cc2f3cd pad DNS entry grace period for low TTL cases r=dragana
https://hg.mozilla.org/mozilla-central/rev/ddcd7cc2f3cd
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox64: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
Flags: needinfo?(dd.mozilla)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: