Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dnsdist: add multi-stream dnstap sockets #14861

Open
johnhtodd opened this issue Nov 22, 2024 · 3 comments
Open

dnsdist: add multi-stream dnstap sockets #14861

johnhtodd opened this issue Nov 22, 2024 · 3 comments
Labels
dnsdist feature request
Milestone
dnsdist-2.1.0

Comments

@johnhtodd
Copy link

  • Program: dnsdist
  • Issue type: Feature request

Short description

Adding multiple streams of dnstap data emitted from dnsdist would allow better scaling for dnstap consumers.

Usecase

We're using Vector to consume dnstap streams from dnsdist. There apparently are bottlenecks with single-socket models of dnstap data transmission. This I'm sure would be exacerbated by slower latency on the LAN and larger traffic volumes - the ACK traffic will start to cause pileups with a single socket. Spreading the data load out across many dnstap sockets like pdns-rec does would make sense. There is discussion of this here: vectordotdev/vector#20744 (see comment from james-stevens)

Description

Having dnsdist open multiple simultaneous dnstap sockets to any named endpoint would be useful. The number of sockets could be configurable, or it could be based on threading, or dynamic based on number of messages - no opinion on that. How does pdns-rec do it?
@omoerbeek
Copy link
Member

The recursor opens a dnstap or protobuf logging stream per thread. Each thread logs to its associated socket.

@rgacogne
Copy link
Member

At the moment DNSdist creates one fstrm_writer per newFrameStreamUnixLogger or newFrameStreamTcpLogger object, so in theory it is already possible to create more than one connection, but it might be quite cumbersome to use them so.

@rgacogne rgacogne added this to the dnsdist-2.1.0 milestone Nov 22, 2024
@johnhtodd
Copy link
Author

More notes on this: When we had >60kqps flowing through a single TCP session to Vector, I was seeing what I would describe as high fluctuations in bandwidth between the transmitting server and the Vector instance. Meaning: for a few milliseconds, there would be many (20? I don't recall the number) megabits of throughput, which would then drop for a few milliseconds to 5 megabits of throughput, and then jump back to 20. This was observed via packet dumps with tshark. Sorry that I don't have the exact figures here; I was hunting a different problem and that behavior was a "Huh... interesting." moment, but I did not document it. I suspect this is a behavior that is made worse by the single-socket model in use. The same packet dump looking at data coming from pdns-rec (with less than 60kqps, admittedly) was extremely smooth - there were no fluctuations in the packet throughput between Vector and the recursive resolver on the dnstap data stream. Is this the "fault" of dnsdist? Not necessarily, but the single-socket model may make things worse than they need to be.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dnsdist feature request
Projects
None yet
Milestone
dnsdist-2.1.0
Development

No branches or pull requests
3 participants
@rgacogne @omoerbeek @johnhtodd