From 45077711769edabbfdcc71b14734f43ebbcb2f9a Mon Sep 17 00:00:00 2001
From: cytopia
Date: Fri, 1 Jul 2022 15:08:04 +0200
Subject: [PATCH 1/2] Adding MAX_CACHE_SIZE
---
 Dockerfiles/data/docker-entrypoint.sh | 42 +++++++++++++++++++++++++--
 README.md | 24 ++++++++++-----
 2 files changed, 56 insertions(+), 10 deletions(-)
diff --git a/Dockerfiles/data/docker-entrypoint.sh b/Dockerfiles/data/docker-entrypoint.sh
index 280ff60..27f7412 100755
--- a/Dockerfiles/data/docker-entrypoint.sh
+++ b/Dockerfiles/data/docker-entrypoint.sh
@@ -76,6 +76,7 @@ DEFAULT_REFRESH_TIME=1200
 DEFAULT_RETRY_TIME=180
 DEFAULT_EXPIRY_TIME=1209600
 DEFAULT_MAX_CACHE_TIME=10800
+DEFAULT_MAX_CACHE_SIZE="90%"
@@ -285,6 +286,7 @@ add_options() {
 local allow_query="${4}"
 local allow_recursion="${5}"
 local response_policy="${6}"
+ local max_cache_size="${7}"
 {
 echo "options {"
@@ -292,6 +294,7 @@ add_options() {
 echo " dnssec-validation ${dnssec_validate};"
 echo " auth-nxdomain no; # conform to RFC1035"
 echo " listen-on-v6 { any; };"
+ echo " max-cache-size ${max_cache_size};"
 if [ -n "${response_policy}" ]; then
 echo " response-policy { zone \"${response_policy}\"; };"
 fi
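Review bot: `DEFAULT_MAX_CACHE_SIZE="90%"` in the defaults hunk is a percentage, and as far as I know named resolves percentages against the machine's physical memory rather than the container's cgroup limit (worth confirming for the packaged BIND version). In a container started with a memory limit the cache may then be allowed to grow past that limit, so a resolver that serves recursion to many clients can end up OOM-killed instead of evicting cache entries. I would add a comment above the default, e.g. `# Percentage is relative to host RAM; set an absolute MAX_CACHE_SIZE (e.g. 256M) when the container has a memory limit`, and repeat the caveat in the README entry.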
@@ -650,6 +653,39 @@ else
 MAX_CACHE_TIME="${DEFAULT_MAX_CACHE_TIME}"
 fi
+if printenv MAX_CACHE_SIZE >/dev/null 2>&1 && [ -n "$( printenv MAX_CACHE_SIZE )" ]; then
+ MAX_CACHE_SIZE="$( printenv MAX_CACHE_SIZE )"
+ if [ "${MAX_CACHE_SIZE}" = "unlimited" ]; then
+ log "info" "Changing DNS Max Cache size to: ${MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
+ elif [ "${MAX_CACHE_SIZE}" = "0" ]; then
+ log "info" "Changing DNS Max Cache size to: ${MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
+ # Extract value and unit
+ else
+ MAX_CACHE_SIZE_VALUE="$( echo "${MAX_CACHE_SIZE}" | grep -Eo '[0-9]+' )"
+ MAX_CACHE_SIZE_UNIT="$( echo "${MAX_CACHE_SIZE}" | grep -Eo '[^0-9]+' )" # Allowed: %, k, K, m, M, g, G or empty
+
+ if [ -z "${MAX_CACHE_SIZE_VALUE}" ]; then
+ log "warn" "Wrong value for \$MAX_CACHE_SIZE '${MAX_CACHE_SIZE}', defaultint to: ${DEFAULT_MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
+ MAX_CACHE_SIZE="${DEFAULT_MAX_CACHE_SIZE}"
+ elif [ -z "${MAX_CACHE_SIZE_UNIT}" ]; then
+ log "info" "Changing DNS Max Cache size to: ${MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
+ MAX_CACHE_SIZE="${MAX_CACHE_SIZE_VALUE}"
+ else
+ # Validate correct unit
+ if ! echo "${MAX_CACHE_SIZE_UNIT}" | grep -E '[%kKmMgG]' >/dev/null; then
+ log "warn" "Wrong unit for \$MAX_CACHE_SIZE '${MAX_CACHE_SIZE_UNIT}', defaultint to: ${DEFAULT_MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
+ MAX_CACHE_SIZE="${DEFAULT_MAX_CACHE_SIZE}"
+ else
+ log "info" "Changing DNS Max Cache size to: ${MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
+ MAX_CACHE_SIZE="${MAX_CACHE_SIZE_VALUE}${MAX_CACHE_SIZE_UNIT}"
+ fi
+ fi
+ fi
+else
+ log "info" "Using default DNS Max Cache size: ${DEFAULT_MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
+ MAX_CACHE_SIZE="${DEFAULT_MAX_CACHE_SIZE}"
+fi
+
 ####################################################################################################
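Review bot: The unit test `grep -E '[%kKmMgG]'` is unanchored and value and unit are extracted separately with `grep -Eo`, so the `else` branch accepts far more than the "%, k, K, m, M, g, G or empty" its comment promises: any non-digit text that merely contains one of those letters passes, and an input with several digit runs leaves a newline inside `MAX_CACHE_SIZE_VALUE`. Whatever survives is written verbatim into named.conf by the `max-cache-size ${max_cache_size};` line added in the add_options hunk, so a mistyped or templated environment value can break the configuration or append further statements to the options block instead of falling back to the default. Checking the whole string once with shell pattern matching avoids both problems and needs no grep; the fence replaces the `else` branch and also corrects "defaultint" in the warning.

```shell
	# … unchanged: "unlimited" and "0" branches …
	else
		# Strip at most one trailing unit; what remains must be digits only
		# (this also rejects whitespace, newlines, ';' and braces).
		case "${MAX_CACHE_SIZE%[%kKmMgG]}" in
			''|*[!0-9]*)
				log "warn" "Wrong value for \$MAX_CACHE_SIZE '${MAX_CACHE_SIZE}', defaulting to: ${DEFAULT_MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
				MAX_CACHE_SIZE="${DEFAULT_MAX_CACHE_SIZE}"
				;;
			*)
				log "info" "Changing DNS Max Cache size to: ${MAX_CACHE_SIZE}" "${DEBUG_ENTRYPOINT}"
				;;
		esac
	fi
```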
@@ -872,7 +908,8 @@ if ! printenv DNS_FORWARDER >/dev/null 2>&1; then
 "" \
 "${_allow_query_block}" \
 "${_allow_recursion_block}" \
- "${FWD_ZONES}"
+ "${FWD_ZONES}" \
+ "${MAX_CACHE_SIZE}"
 else
 # To be pupulated
@@ -908,7 +945,8 @@ else
 "${_forwarders_block}" \
 "${_allow_query_block}" \
 "${_allow_recursion_block}" \
- "${FWD_ZONES}"
+ "${FWD_ZONES}" \
+ "${MAX_CACHE_SIZE}"
 fi
diff --git a/README.md b/README.md
index 3eec60a..e41064f 100644
--- a/README.md
+++ b/README.md
@@ -54,13 +54,14 @@ Bind caching DNS server based on Debian slim with support for DNS forwarders, in
 5. [DNS_PTR](#dns_ptr)
 6. [DNSSEC_VALIDATE](#dnssec_validate)
 7. [DNS_FORWARDER](#dns_forwarder)
- 8. [TTL_TIME](#ttl_time)
- 9. [REFRESH_TIME](#refresh_time)
- 10. [RETRY_TIME](#retry_time)
- 11. [EXPIRY_TIME](#expiry_time)
- 12. [MAX_CACHE_TIME](#max_cache_time)
- 13. [ALLOW_QUERY](#allow_query)
- 14. [ALLOW_RECURSION](#allow_recursion)
+ 8. [MAX_CACHE_SIZE](#max_cache_size)
+ 9. [TTL_TIME](#ttl_time)
+ 10. [REFRESH_TIME](#refresh_time)
+ 11. [RETRY_TIME](#retry_time)
+ 12. [EXPIRY_TIME](#expiry_time)
+ 13. [MAX_CACHE_TIME](#max_cache_time)
+ 14. [ALLOW_QUERY](#allow_query)
+ 15. [ALLOW_RECURSION](#allow_recursion)
 2. [Default mountpoints](#default-mountpoints)
 3. [Default ports](#default-ports)
 4. [Examples](#examples)
@@ -96,7 +97,8 @@ Bind caching DNS server based on Debian slim with support for DNS forwarders, in
 | `DNS_PTR` | string | | Comma separated list of PTR records (reverse DNS). |
 | `DNSSEC_VALIDATE` | string | `no` | Control the behaviour of DNSSEC validation. The default is to not validate: `no`. Other possible values are: `yes` and `auto`. |
 | `DNS_FORWARDER` | string | | Specify a comma separated list of IP addresses as custom DNS resolver. This is useful if your LAN already has a DNS server which adds custom/internal domains and you still want to keep them in this DNS server
Example: `DNS_FORWARDER=8.8.8.8,8.8.4.4` |
-| `TTL_TIME` | int | `3600` | (Time in seconds) See [BIND TTL](http://www.zytrax.com/books/dns/apa/ttl.html) and [BIND SOA](http://www.zytrax.com/books/dns/ch8/soa.html)|
+| `MAX_CACHE_SIZE` | size | `90%` | Amount of memory used by the server (cached results) |
+| `ttl_time` | int | `3600` | (time in seconds) see [bind ttl](http://www.zytrax.com/books/dns/apa/ttl.html) and [bind soa](http://www.zytrax.com/books/dns/ch8/soa.html)|
 | `REFRESH_TIME` | int | `1200` | (Time in seconds) See [BIND SOA](http://www.zytrax.com/books/dns/ch8/soa.html) |
 | `RETRY_TIME` | int | `180` | (Time in seconds) See [BIND SOA](http://www.zytrax.com/books/dns/ch8/soa.html) |
 | `EXPIRY_TIME` | int | `1209600` | (Time in seconds) See [BIND SOA](http://www.zytrax.com/books/dns/ch8/soa.html) |
@@ -202,6 +204,12 @@ Some examples
 DNS_FORWARDER='8.8.8.8'
 DNS_FORWARDER='8.8.8.8,192.168.0.10'
 ```
+#### MAX_CACHE_SIZE
+The amount of RAM used by the server to store results. You can use relative (percent) or absolute (bytes) values.
+Examples:
+* `MAX_CACHE_SIZE=30%` (Use 30% of the systems memory)
+* `MAX_CACHE_SIZE=512M` (Use 512 Megabytes)
+* `MAX_CACHE_SIZE=2G` (Use 2 Gigabytes)
 #### TTL_TIME
 Specify time in seconds.
From dfcb0d474a664882a4a74926f3a732c4be8d05a1 Mon Sep 17 00:00:00 2001
From: cytopia
Date: Fri, 1 Jul 2022 15:09:51 +0200
Subject: [PATCH 2/2] Upper-case ttl_time in readme
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index e41064f..baca81a 100644
--- a/README.md
+++ b/README.md
@@ -98,7 +98,7 @@ Bind caching DNS server based on Debian slim with support for DNS forwarders, in
 | `DNSSEC_VALIDATE` | string | `no` | Control the behaviour of DNSSEC validation. The default is to not validate: `no`. Other possible values are: `yes` and `auto`. |
 | `DNS_FORWARDER` | string | | Specify a comma separated list of IP addresses as custom DNS resolver. This is useful if your LAN already has a DNS server which adds custom/internal domains and you still want to keep them in this DNS server
Example: `DNS_FORWARDER=8.8.8.8,8.8.4.4` |
 | `MAX_CACHE_SIZE` | size | `90%` | Amount of memory used by the server (cached results) |
-| `ttl_time` | int | `3600` | (time in seconds) see [bind ttl](http://www.zytrax.com/books/dns/apa/ttl.html) and [bind soa](http://www.zytrax.com/books/dns/ch8/soa.html)|
+| `TTL_TIME` | int | `3600` | (time in seconds) see [bind ttl](http://www.zytrax.com/books/dns/apa/ttl.html) and [bind soa](http://www.zytrax.com/books/dns/ch8/soa.html)|
 | `REFRESH_TIME` | int | `1200` | (Time in seconds) See [BIND SOA](http://www.zytrax.com/books/dns/ch8/soa.html) |
 | `RETRY_TIME` | int | `180` | (Time in seconds) See [BIND SOA](http://www.zytrax.com/books/dns/ch8/soa.html) |
 | `EXPIRY_TIME` | int | `1209600` | (Time in seconds) See [BIND SOA](http://www.zytrax.com/books/dns/ch8/soa.html) |