From 3236f358f84d142d4daaccb058c6850e73f1d066 Mon Sep 17 00:00:00 2001 From: Simon Kelley Date: Sun, 13 Jun 2021 21:29:22 +0100 Subject: Revise resource handling for number of concurrent DNS queries. This used to have a global limit, but that has a problem when using different servers for different upstream domains. Queries which are routed by domain to an upstream server which is not responding will build up and trigger the limit, which breaks DNS service for all other domains which could be handled by other servers. The change is to make the limit per server-group, where a server group is the set of servers configured for a particular domain. In the common case, where only default servers are declared, there is no effective change. --- man/dnsmasq.8 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'man') diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 index 59b6709..e31fc66 100644 --- a/man/dnsmasq.8 +++ b/man/dnsmasq.8 @@ -731,7 +731,8 @@ identical queries without forwarding them again. Set the maximum number of concurrent DNS queries. The default value is 150, which should be fine for most setups. The only known situation where this needs to be increased is when using web-server log file -resolvers, which can generate large numbers of concurrent queries. +resolvers, which can generate large numbers of concurrent queries. This +parameter actually controls the number of concurrent queries per server group, where a server group is the set of server(s) associated with a single domain. So if a domain has it's own server via --server=/example.com/1.2.3.4 and 1.2.3.4 is not responding, but queries for *.example.com cannot go elsewhere, then other queries will not be affected. On configurations with many such server groups and tight resources, this value may need to be reduced. .TP .B --dnssec Validate DNS replies and cache DNSSEC data. When forwarding DNS queries, dnsmasq requests the -- cgit v1.2.1
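Review bot: In the man/dnsmasq.8 hunk, the option's opening sentence still reads "Set the maximum number of concurrent DNS queries", so the per-server-group meaning only appears three sentences later behind "This parameter actually controls". Suggest rewording the opening sentence to say the limit applies per server group. It would also help to state that the worst-case number of in-flight queries is now the configured value (default 150) multiplied by the number of server groups, because the closing advice to reduce the value on configurations with many server groups and tight resources depends on that and currently leaves the reader to work it out. In the example sentence, "it's own server" should be "its own server", and "but queries for *.example.com cannot go elsewhere, then other queries will not be affected" would read more clearly as a statement that queries for *.example.com count only against that group's limit, so queries for other domains are not affected.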