Re: [syslog-ng]DNS caching
At 09:01 20.03.2002 +1000, you wrote:
On Tue, 19 Mar 2002 at 10:24am (+0100), Balazs Scheidler wrote: [...]
can you check this patch, whether it fixes your problem ?
diff -u -r1.37 cfgfile.c --- cfgfile.c 2001/09/03 16:42:23 1.37 +++ cfgfile.c 2002/03/19 09:23:55
[...]
Thank you... it appears to be working as advertised now. When running with NSCACHE_DEBUG enabled we get lots of messages like...
.... which looks good. CPU usage for the syslog process has dropped from ~80% to ~40% (hazzah!) and the named process that was doing local caching has dropped from ~10% to almost nill.
Dear Bazsi, Thanks, also works flawless here, I get hardly any hits on my dnscache. Btw. the default option of dns_cache is "on", maybe you should document this or change it to "no", otherwise people who upgrade to newer versions (with the fixed dns_cache) may be confused by the "new" behaviour of syslog-ng. You also mention "syslog-ng blocks on DNS queries, so enabling DNS may lead to a Denial of Service attack." in your documentation. Does this mean that syslog messages which are received by the NIC, while syslog-ng performs a synchronous DNS lookup, are stored in the kernels receive buffer or are dropped? best regards, -- Michael Rennner Junior System Engineer Inode Telekommunikationsdienstleistungs GmbH - http://www.inode.at support@inode.at, Tel.: 05 9999-0, Fax.: 05 9999-2699
On Thu, Mar 21, 2002 at 09:17:33AM +0100, Michael Renner wrote:
At 09:01 20.03.2002 +1000, you wrote:
On Tue, 19 Mar 2002 at 10:24am (+0100), Balazs Scheidler wrote: [...]
can you check this patch, whether it fixes your problem ?
diff -u -r1.37 cfgfile.c --- cfgfile.c 2001/09/03 16:42:23 1.37 +++ cfgfile.c 2002/03/19 09:23:55
[...]
Thank you... it appears to be working as advertised now. When running with NSCACHE_DEBUG enabled we get lots of messages like...
.... which looks good. CPU usage for the syslog process has dropped from ~80% to ~40% (hazzah!) and the named process that was doing local caching has dropped from ~10% to almost nill.
Dear Bazsi,
Thanks, also works flawless here, I get hardly any hits on my dnscache. Btw. the default option of dns_cache is "on", maybe you should document this or change it to "no", otherwise people who upgrade to newer versions (with the fixed dns_cache) may be confused by the "new" behaviour of syslog-ng.
You also mention "syslog-ng blocks on DNS queries, so enabling DNS may lead to a Denial of Service attack." in your documentation. Does this mean that syslog messages which are received by the NIC, while syslog-ng performs a synchronous DNS lookup, are stored in the kernels receive buffer or are dropped?
they are stored in receive buffers in the kernel, but if a message doesn't fit into this receive buffer, it is dropped. This applies only to UDP and unix-dgram messages. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
participants (2)
-
Balazs Scheidler
-
Michael Renner