[syslog-ng]DNS caching
Michael Renner
m.renner@inode.at
Thu, 21 Mar 2002 09:17:33 +0100
At 09:01 20.03.2002 +1000, you wrote:
>On Tue, 19 Mar 2002 at 10:24am (+0100), Balazs Scheidler wrote:
>[...]
>
> >
> > can you check this patch, whether it fixes your problem ?
> >
> > diff -u -r1.37 cfgfile.c
> > --- cfgfile.c 2001/09/03 16:42:23 1.37
> > +++ cfgfile.c 2002/03/19 09:23:55
>
>[...]
>
>Thank you... it appears to be working as advertised now. When running with
>NSCACHE_DEBUG enabled we get lots of messages like...
>
>.... which looks good. CPU usage for the syslog process has dropped from
>~80% to ~40% (hazzah!) and the named process that was doing local caching
>has dropped from ~10% to almost nill.
Dear Bazsi,
Thanks, also works flawless here, I get hardly any hits on my dnscache.
Btw. the default option of dns_cache is "on", maybe you should document
this or change it to "no", otherwise people who upgrade to newer versions
(with the fixed dns_cache) may be confused by the "new" behaviour of syslog-ng.
You also mention "syslog-ng blocks on DNS queries, so enabling DNS may lead
to a Denial of Service attack." in your documentation. Does this mean that
syslog messages which are received by the NIC, while syslog-ng performs a
synchronous DNS lookup, are stored in the kernels receive buffer or are
dropped?
best regards,
--
Michael Rennner
Junior System Engineer
Inode Telekommunikationsdienstleistungs GmbH - http://www.inode.at
support@inode.at, Tel.: 05 9999-0, Fax.: 05 9999-2699