Revert "gluon-core: remove DNS cache feature"

This reverts commit 543eb17882. Restores the dns caching configuration that should be feasible, since we now require around 8 MB of flash.
2023-01-15 20:46:23 +01:00 · 2023-01-15 20:46:23 +01:00 · d65ce73762
commit d65ce73762
parent 86502c46ba
6 changed files with 57 additions and 28 deletions
--- a/docs/features/dns-cache.rst
+++ b/docs/features/dns-cache.rst
@ -0,0 +1,52 @@
+DNS caching
+===========
+
+User experience may be greatly improved when dns is accelerated. Also, it
+seems like a good idea to keep the number of packages being exchanged
+between node and gateway as small as possible. In order to do this, a
+DNS cache may be used on a node. The dnsmasq instance listening on port
+53 on the node will be reconfigured to answer requests, use a list of
+upstream servers and a specific cache size if the options listed below are
+added to site.conf. Upstream servers are the DNS servers which are normally
+used by the nodes to resolve hostnames (e.g. gateways/supernodes).
+
+There are the following settings:
+    servers
+    cacheentries
+
+To use the node's DNS server, both options should be set. The node will cache at
+most 'cacheentries' many DNS records in RAM. The 'servers' list will be used to
+resolve the received DNS queries if the request cannot be answered from
+cache. Gateways should announce the "next node" address via DHCP and RDNSS (if
+any). Note that not setting 'servers' here will lead to DNS not working: Once
+the gateways all announce the "next node" address for DNS, there is no way for
+nodes to automatically determine DNS servers. They have to be baked into the
+firmware.
+
+If these settings do not exist, the cache is not initialized and RAM usage will
+not increase.
+
+When next_node.name is set, an A record and an AAAA record for the
+next-node IP address are placed in the dnsmasq configuration. This means that
+the content of next_node.name may be resolved even without upstream connectivity.
+It is suggested to use the same name as the DNS server provides:
+e.g. nextnode.location.community.example.org (This way the name also works if a
+client uses static DNS Servers). Hint: If next_node.name does not contain a dot
+some browsers would open the searchpage instead.
+
+::
+
+  dns = {
+    cacheentries = 5000,
+    servers = { '2001:db8::1', },
+  },
+
+  next_node = {
+    name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
+    ip6 = '2001:db8:8::1',
+    ip4 = '198.51.100.1',
+  }
+
+
+The cache will be initialized during startup.
+Each cache entry will occupy about 90 bytes of RAM.
--- a/docs/features/dns-forwarder.rst
+++ b/docs/features/dns-forwarder.rst
@ -1,26 +0,0 @@
-DNS forwarder
-=============
-
-A Gluon node can be configured to act as a DNS forwarder. Requests for the
-next-node hostname(s) can be answered locally, without querying the upstream
-resolver.
-
-**Note:** While this reduces answer time and allows to use the next-node
-hostname without upstream connectivity, this feature should not be used for
-next-node hostnames that are FQDN when the zone uses DNSSEC.
-
-One or more upstream resolvers can be configured in the *dns.servers* setting.
-When *next_node.name* is set, A and/or AAAA records for the next-node IP
-addresses are placed in the dnsmasq configuration.
-
-::
-
-  dns = {
-    servers = { '2001:db8::1', },
-  },
-
-  next_node = {
-    name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
-    ip6 = '2001:db8:8::1',
-    ip4 = '198.51.100.1',
-  }
--- a/docs/index.rst
+++ b/docs/index.rst
@ -25,7 +25,7 @@ Several Freifunk communities in Germany use Gluon as the foundation of their Fre
  features/wlan-configuration
  features/private-wlan
  features/wired-mesh
-  features/dns-forwarder
+  features/dns-cache
  features/monitoring
  features/multidomain
  features/authorized-keys
--- a/docs/releases/v2017.1.rst
+++ b/docs/releases/v2017.1.rst
@ -88,6 +88,8 @@ New features
 * Add support for making nodes a DNS cache for clients
  (`#1000 <https://github.com/freifunk-gluon/gluon/pull/1000>`_)

+  See also: :doc:`../features/dns-cache`
+
 * Add L2TP via tunneldigger as an alternative VPN system
  (`#978 <https://github.com/freifunk-gluon/gluon/pull/978>`_)

--- a/package/gluon-core/check_site.lua
+++ b/package/gluon-core/check_site.lua
@ -66,6 +66,7 @@ need_boolean(in_site({'poe_passthrough'}), false)

 if need_table({'dns'}, nil, false) then
 	need_string_array_match({'dns', 'servers'}, '^[%x:]+$')
+	need_number({'dns', 'cacheentries'}, false)
 end

 need_string_array(in_domain({'next_node', 'name'}), false)
--- a/package/gluon-core/luasrc/lib/gluon/upgrade/820-dns-config
+++ b/package/gluon-core/luasrc/lib/gluon/upgrade/820-dns-config
@ -12,7 +12,7 @@ uci:set('dhcp', dnsmasq, 'localise_queries', true)
 uci:set('dhcp', dnsmasq, 'localservice', false)

 uci:set('dhcp', dnsmasq, 'server', dns.servers)
-uci:delete('dhcp', dnsmasq, 'cachesize')
+uci:set('dhcp', dnsmasq, 'cachesize', dns.cacheentries)

 uci:delete('firewall', 'client_dns')
 if dns.servers then