Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: Weird behavior when using DoH with the multi interface
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Timothe Litt <litt_at_acm.org>
Date: Tue, 4 Jun 2024 11:24:59 -0400
This would seem to still leave the doh connections consuming data
connections' cache quota.
That is, doh can crowd out data connections, or at least makes the
connection limit hard to explain or manage.
The application has no control over how many DNS transactions it takes
to resolve, e.g. a redirect/cname chain. So picking a limit would
require guesswork.
UDP DNS transactions don't count against the connection limit (Do TCP if
you have to fall back due to truncation?), so I don't see why doh
should. Certainly neither count if you resolve thru glib. In any case,
the DNS and data transfer processes are separate.
An alternate approach would be to not count the DOH connections at all -
or keep a separate cache and/or quota for them. You probably don't
want a long-lived libcurl user to keep DOH connections forever, or to
cache very large numbers. So a separate limit seems like the right
approach.
Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.
On 04-Jun-24 10:59, Daniel Stenberg via curl-library wrote:
> On Tue, 4 Jun 2024, Daniel Stenberg via curl-library wrote:
>
>> Interesting case. I think we should make DoH requests exempt from
>> that check/restriciton, as otherwise you can end up in this kind of
>> catch-22 situation.
>
> kartatz, how about a patch like this?
>
> --- a/lib/url.c
> +++ b/lib/url.c
> _at__at_ -3661,12 +3661,16 _at__at_ static CURLcode create_conn(struct Curl_easy
> *data,
> /* The cache is full. Let's see if we can kill a connection. */
> conn_candidate = Curl_conncache_extract_oldest(data);
> if(conn_candidate)
> Curl_disconnect(data, conn_candidate, FALSE);
> else {
> - infof(data, "No connections available in cache");
> - connections_available = FALSE;
> + if(data->set.dohfor)
> + infof(data, "Allowing DoH to override max connection limit");
> + else {
> + infof(data, "No connections available in cache");
> + connections_available = FALSE;
> + }
> }
> }
>
> if(!connections_available) {
> infof(data, "No connections available.");
>
Received on 2024-06-04
Date: Tue, 4 Jun 2024 11:24:59 -0400
This would seem to still leave the doh connections consuming data
connections' cache quota.
That is, doh can crowd out data connections, or at least makes the
connection limit hard to explain or manage.
The application has no control over how many DNS transactions it takes
to resolve, e.g. a redirect/cname chain. So picking a limit would
require guesswork.
UDP DNS transactions don't count against the connection limit (Do TCP if
you have to fall back due to truncation?), so I don't see why doh
should. Certainly neither count if you resolve thru glib. In any case,
the DNS and data transfer processes are separate.
An alternate approach would be to not count the DOH connections at all -
or keep a separate cache and/or quota for them. You probably don't
want a long-lived libcurl user to keep DOH connections forever, or to
cache very large numbers. So a separate limit seems like the right
approach.
Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.
On 04-Jun-24 10:59, Daniel Stenberg via curl-library wrote:
> On Tue, 4 Jun 2024, Daniel Stenberg via curl-library wrote:
>
>> Interesting case. I think we should make DoH requests exempt from
>> that check/restriciton, as otherwise you can end up in this kind of
>> catch-22 situation.
>
> kartatz, how about a patch like this?
>
> --- a/lib/url.c
> +++ b/lib/url.c
> _at__at_ -3661,12 +3661,16 _at__at_ static CURLcode create_conn(struct Curl_easy
> *data,
> /* The cache is full. Let's see if we can kill a connection. */
> conn_candidate = Curl_conncache_extract_oldest(data);
> if(conn_candidate)
> Curl_disconnect(data, conn_candidate, FALSE);
> else {
> - infof(data, "No connections available in cache");
> - connections_available = FALSE;
> + if(data->set.dohfor)
> + infof(data, "Allowing DoH to override max connection limit");
> + else {
> + infof(data, "No connections available in cache");
> + connections_available = FALSE;
> + }
> }
> }
>
> if(!connections_available) {
> infof(data, "No connections available.");
>
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
- application/pgp-signature attachment: OpenPGP digital signature