diff --git a/CHANGES b/CHANGES
index 8e72464d45..65269b7deb 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,9 @@
+3852. [func] Increase the default number of clients available
+ for servicing lightweight resolver queries, and
+ make them configurable via the "lwres-tasks" and
+ "lwres-clients" options. (Thanks to Tomas Hozza.)
+ [RT #35857]
+
3851. [func] Allow libseccomp based system-call filtering
on Linux; use "configure --enable-seccomp" to
turn it on. Thanks to Loganaden Velvindron for
diff --git a/bin/named/include/named/lwresd.h b/bin/named/include/named/lwresd.h
index 565e58d7ab..f5cef7b7bf 100644
--- a/bin/named/include/named/lwresd.h
+++ b/bin/named/include/named/lwresd.h
@@ -36,6 +36,8 @@ struct ns_lwresd {
dns_view_t *view;
ns_lwsearchlist_t *search;
unsigned int ndots;
+ unsigned int ntasks;
+ unsigned int nclients;
isc_mem_t *mctx;
isc_boolean_t shutting_down;
unsigned int refs;
diff --git a/bin/named/lwresd.c b/bin/named/lwresd.c
index 8a9ecb64af..84eb593507 100644
--- a/bin/named/lwresd.c
+++ b/bin/named/lwresd.c
@@ -60,11 +60,7 @@
#define LWRESLISTENER_MAGIC ISC_MAGIC('L', 'W', 'R', 'L')
#define VALID_LWRESLISTENER(l) ISC_MAGIC_VALID(l, LWRESLISTENER_MAGIC)
-/*!
- * The total number of clients we can handle will be NTASKS * NRECVS.
- */
-#define NTASKS 2 /*%< tasks to create to handle lwres queries */
-#define NRECVS 2 /*%< max clients per task */
+#define LWRESD_NCLIENTS_MAX 32768 /*%< max clients per task */
typedef ISC_LIST(ns_lwreslistener_t) ns_lwreslistenerlist_t;
@@ -395,6 +391,24 @@ ns_lwdmanager_create(isc_mem_t *mctx, const cfg_obj_t *lwres,
}
}
+ obj = NULL;
+ (void)cfg_map_get(lwres, "lwres-tasks", &obj);
+ if (obj != NULL)
+ lwresd->ntasks = cfg_obj_asuint32(obj);
+ else
+ lwresd->ntasks = ns_g_cpus;
+
+ obj = NULL;
+ (void)cfg_map_get(lwres, "lwres-clients", &obj);
+ if (obj != NULL) {
+ lwresd->nclients = cfg_obj_asuint32(obj);
+ if (lwresd->nclients > LWRESD_NCLIENTS_MAX)
+ lwresd->nclients = LWRESD_NCLIENTS_MAX;
+ } else if (ns_g_lwresdonly)
+ lwresd->nclients = 1024;
+ else
+ lwresd->nclients = 256;
+
lwresd->magic = LWRESD_MAGIC;
*lwresdp = lwresd;
@@ -604,15 +618,24 @@ static isc_result_t
listener_startclients(ns_lwreslistener_t *listener) {
ns_lwdclientmgr_t *cm;
unsigned int i;
- isc_result_t result;
+ isc_result_t result = ISC_R_SUCCESS;
+
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
+ NS_LOGMODULE_LWRESD, ISC_LOG_DEBUG(6),
+ "listener_startclients: creating %d "
+ "managers with %d clients each",
+ listener->manager->ntasks, listener->manager->nclients);
/*
* Create the client managers.
*/
- result = ISC_R_SUCCESS;
- for (i = 0; i < NTASKS && result == ISC_R_SUCCESS; i++)
- result = ns_lwdclientmgr_create(listener, NRECVS,
+ for (i = 0; i < listener->manager->ntasks; i++) {
+ result = ns_lwdclientmgr_create(listener,
+ listener->manager->nclients,
ns_g_taskmgr);
+ if (result != ISC_R_SUCCESS)
+ break;
+ }
/*
* Ensure that we have created at least one.
diff --git a/bin/named/named.conf.docbook b/bin/named/named.conf.docbook
index 4c99a61ecd..cf3d9499b2 100644
--- a/bin/named/named.conf.docbook
+++ b/bin/named/named.conf.docbook
@@ -187,6 +187,8 @@ lwres {
view stringoptional_class;
search { string; ... };
ndots integer;
+ lwres-tasks integer;
+ lwres-clients integer;
};
diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml
index aa0b4b2290..b0b691790d 100644
--- a/doc/arm/Bv9ARM-book.xml
+++ b/doc/arm/Bv9ARM-book.xml
@@ -2563,7 +2563,12 @@ $ORIGIN 0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.
be configured to act as a lightweight resolver daemon using the
lwres statement in named.conf.
-
+
+ The number of client queries that the lwresd
+ daemon is able to serve can be set using the
+ and
+ statements in the configuration.
+
@@ -4654,6 +4659,8 @@ badresp:1,adberr:0,findfail:0,valfail:0]
view view_name; search { domain_name ; domain_name ; ... }; ndots number;
+ lwres-tasks number;
+ lwres-clients number;
};
@@ -4711,7 +4718,32 @@ badresp:1,adberr:0,findfail:0,valfail:0]
minimum
number of dots in a relative domain name that should result in an
exact match lookup before search path elements are appended.
-
+
+
+ The statement specifies the number
+ of worker threads the lightweight resolver will dedicate to serving
+ clients. By default the number is the same as the number of CPUs on
+ the system; this can be overridden using the
+ command line option when starting the server.
+
+
+ The specifies
+ the number of client objects per thread the lightweight
+ resolver should create to serve client queries.
+ By default, if the lightweight resolver runs as a part
+ of named, 256 client objects are
+ created for each task; if it runs as lwresd,
+ 1024 client objects are created for each thread. The maximum
+ value is 32768; higher values will be silently ignored and
+ the maximum will be used instead.
+ Note that setting too high a value may overconsume
+ system resources.
+
+
+ The maximum number of client queries that the lightweight
+ resolver can handle at any one time equals
+ times .
+ <command>masters</command> Statement Grammar
diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c
index cd5be199dd..96ce6c12df 100644
--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@@ -2925,6 +2925,8 @@ lwres_clauses[] = {
{ "view", &cfg_type_lwres_view, 0 },
{ "search", &cfg_type_lwres_searchlist, 0 },
{ "ndots", &cfg_type_uint32, 0 },
+ { "lwres-tasks", &cfg_type_uint32, 0},
+ { "lwres-clients", &cfg_type_uint32, 0},
{ NULL, NULL, 0 }
};