These are chat archives for CZ-NIC/knot-resolver

9th
Oct 2018
edoo
@ookangzheng
Oct 09 2018 09:52
I found a problem while using dnsdist
It can’t verify DNSSEC
I got DNSSEC fail
Robert Šefr
@robcza
Oct 09 2018 13:10
@vcunat I thought the cache is always in the ram and the lmdb:// is used for persistence only. But if I understand you properly, having lmdb:// on the physical drive means bigger cache lookup latency?
Vladimír Čunát
@vcunat
Oct 09 2018 13:11
No, the cache is always directly in LMDB.
And LMDB is implemented via mmap-ping a file.
OS writes the dirty pages to the FS as it sees fit.
Bigger latency will only happen if you don't have enough RAM for the currently used cache parts.
(But it's up to the OS, really, similarly to using swap.)
Robert Šefr
@robcza
Oct 09 2018 13:13
but does that mean, that if I have 1 GB cache size and persistence to tmpfs, It will consume up to 2 GB of RAM?
Vladimír Čunát
@vcunat
Oct 09 2018 13:14
No.
It will be 1 GB.
The beauty of mmap is that you access the kernel's cache memory directly.
Robert Šefr
@robcza
Oct 09 2018 13:15
Ok, I'm going to test this out. Thank you
Vladimír Čunát
@vcunat
Oct 09 2018 13:15
Yes, best verify this :-)
1 GB is rather large cache for kresd and it's relatively cheap for the machine. Our SOHO routers seem to do fine with 20 MiB cache (Turris Omnia).
Robert Šefr
@robcza
Oct 09 2018 13:17
1 GB is intended for ISP / Telco level deployment
Robert Šefr
@robcza
Oct 09 2018 14:16
@vcunat first tests with tmpfs seems promising, no hiccups, setup was easy, I like it
Vladimír Čunát
@vcunat
Oct 09 2018 14:16
With the current state of kresd you probably want to avoid the event of filling up the cache (or let it happen rather rarely).
You may check the utilization by simple du command on the file.
(At least in the beginning - I think no hole-punching is done when freeing memory, so du will probably report the memory that has been used at least once.)