nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "gluon-core: remove DNS cache feature"

Browse Source 
This reverts commit 543eb17882.

Restores the dns caching configuration that should be feasible, since we
now require around 8 MB of flash.
This commit is contained in:
Martin Weinelt 2023-01-15 20:46:23 +01:00
parent 86502c46ba
commit d65ce73762
No known key found for this signature in database
GPG Key ID: 87C1E9888F856759
6 changed files with 57 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
docs/features/dns-cache.rst Normal file
View File

@ -0,0 +1,52 @@
DNS caching
===========
User experience may be greatly improved when dns is accelerated. Also, it
seems like a good idea to keep the number of packages being exchanged
between node and gateway as small as possible. In order to do this, a
DNS cache may be used on a node. The dnsmasq instance listening on port
53 on the node will be reconfigured to answer requests, use a list of
upstream servers and a specific cache size if the options listed below are
added to site.conf. Upstream servers are the DNS servers which are normally
used by the nodes to resolve hostnames (e.g. gateways/supernodes).
There are the following settings:
servers
cacheentries
To use the node's DNS server, both options should be set. The node will cache at
most 'cacheentries' many DNS records in RAM. The 'servers' list will be used to
resolve the received DNS queries if the request cannot be answered from
cache. Gateways should announce the "next node" address via DHCP and RDNSS (if
any). Note that not setting 'servers' here will lead to DNS not working: Once
the gateways all announce the "next node" address for DNS, there is no way for
nodes to automatically determine DNS servers. They have to be baked into the
firmware.
If these settings do not exist, the cache is not initialized and RAM usage will
not increase.
When next_node.name is set, an A record and an AAAA record for the
next-node IP address are placed in the dnsmasq configuration. This means that
the content of next_node.name may be resolved even without upstream connectivity.
It is suggested to use the same name as the DNS server provides:
e.g. nextnode.location.community.example.org (This way the name also works if a
client uses static DNS Servers). Hint: If next_node.name does not contain a dot
some browsers would open the searchpage instead.
::
dns = {
cacheentries = 5000,
servers = { '2001:db8::1', },
},
next_node = {
name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
ip6 = '2001:db8:8::1',
ip4 = '198.51.100.1',
}
The cache will be initialized during startup.
Each cache entry will occupy about 90 bytes of RAM.

26
docs/features/dns-forwarder.rst
View File

@ -1,26 +0,0 @@
DNS forwarder
=============
A Gluon node can be configured to act as a DNS forwarder. Requests for the
next-node hostname(s) can be answered locally, without querying the upstream
resolver.
**Note:** While this reduces answer time and allows to use the next-node
hostname without upstream connectivity, this feature should not be used for
next-node hostnames that are FQDN when the zone uses DNSSEC.
One or more upstream resolvers can be configured in the *dns.servers* setting.
When *next_node.name* is set, A and/or AAAA records for the next-node IP
addresses are placed in the dnsmasq configuration.
::
dns = {
servers = { '2001:db8::1', },
},
next_node = {
name = { 'nextnode.location.community.example.org', 'nextnode', 'nn' },
ip6 = '2001:db8:8::1',
ip4 = '198.51.100.1',
}

2
docs/index.rst
View File

@ -25,7 +25,7 @@ Several Freifunk communities in Germany use Gluon as the foundation of their Fre
features/wlan-configuration features/wlan-configuration
features/private-wlan features/private-wlan
features/wired-mesh features/wired-mesh
features/dns-forwarder features/dns-cache
features/monitoring features/monitoring
features/multidomain features/multidomain
features/authorized-keys features/authorized-keys

2
docs/releases/v2017.1.rst
View File

@ -88,6 +88,8 @@ New features
* Add support for making nodes a DNS cache for clients * Add support for making nodes a DNS cache for clients
(`#1000 <https://github.com/freifunk-gluon/gluon/pull/1000>`_) (`#1000 <https://github.com/freifunk-gluon/gluon/pull/1000>`_)
See also: :doc:`../features/dns-cache`
* Add L2TP via tunneldigger as an alternative VPN system * Add L2TP via tunneldigger as an alternative VPN system
(`#978 <https://github.com/freifunk-gluon/gluon/pull/978>`_) (`#978 <https://github.com/freifunk-gluon/gluon/pull/978>`_)

1
package/gluon-core/check_site.lua
View File

@ -66,6 +66,7 @@ need_boolean(in_site({'poe_passthrough'}), false)
if need_table({'dns'}, nil, false) then if need_table({'dns'}, nil, false) then
need_string_array_match({'dns', 'servers'}, '^[%x:]+$') need_string_array_match({'dns', 'servers'}, '^[%x:]+$')
need_number({'dns', 'cacheentries'}, false)
end end
need_string_array(in_domain({'next_node', 'name'}), false) need_string_array(in_domain({'next_node', 'name'}), false)

2
package/gluon-core/luasrc/lib/gluon/upgrade/820-dns-config
View File

@ -12,7 +12,7 @@ uci:set('dhcp', dnsmasq, 'localise_queries', true)
uci:set('dhcp', dnsmasq, 'localservice', false) uci:set('dhcp', dnsmasq, 'localservice', false)
uci:set('dhcp', dnsmasq, 'server', dns.servers) uci:set('dhcp', dnsmasq, 'server', dns.servers)
uci:delete('dhcp', dnsmasq, 'cachesize') uci:set('dhcp', dnsmasq, 'cachesize', dns.cacheentries)
uci:delete('firewall', 'client_dns') uci:delete('firewall', 'client_dns')
if dns.servers then if dns.servers then