diff --git a/CHANGES b/CHANGES index dff76bfb99..a503b7efe6 100644 --- a/CHANGES +++ b/CHANGES @@ -2,8 +2,8 @@ crash if the connection to the first server was not successful. [GL #3244] -5852. [func] Add new "load-balance-socket" option to - enable/disable load balancing of sockets. [GL #3249] +5852. [func] Add new "reuseport" option to enable/disable load + balancing of sockets. [GL #3249] 5848. [bug] dig could hang in some cases involving multiple servers in a lookup, when a request fails and the next one diff --git a/bin/named/config.c b/bin/named/config.c index a33db0e072..e766a7a506 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -71,15 +71,7 @@ options {\n\ interface-interval 60;\n\ # keep-response-order {none;};\n\ listen-on {any;};\n\ - listen-on-v6 {any;};\n" -#if HAVE_SO_REUSEPORT_LB - "\ - load-balance-sockets yes;\n" -#else - "\ - load-balance-sockets no;\n" -#endif - "\ + listen-on-v6 {any;};\n\ # lock-file \"" NAMED_LOCALSTATEDIR "/run/named/named.lock\";\n\ match-mapped-addresses no;\n\ max-ixfr-ratio 100%;\n\ @@ -91,7 +83,15 @@ options {\n\ nta-lifetime 3600;\n\ nta-recheck 300;\n\ # pid-file \"" NAMED_LOCALSTATEDIR "/run/named/named.pid\"; \n\ - port 53;\n\ + port 53;\n" +#if HAVE_SO_REUSEPORT_LB + "\ + reuseport yes;\n" +#else + "\ + reuseport no;\n" +#endif + "\ tls-port 853;\n" #if HAVE_LIBNGHTTP2 "\ diff --git a/bin/named/named.conf.rst b/bin/named/named.conf.rst index 523f3f2fd4..25784f3529 100644 --- a/bin/named/named.conf.rst +++ b/bin/named/named.conf.rst @@ -301,7 +301,6 @@ OPTIONS string ] { address_match_element; ... }; lmdb-mapsize sizeval; - load-balance-sockets boolean; lock-file ( quoted_string | none ); managed-keys-directory quoted_string; masterfile-format ( raw | text ); @@ -411,6 +410,7 @@ OPTIONS [ nsip-enable boolean ] [ nsdname-enable boolean ] [ dnsrps-enable boolean ] [ dnsrps-options { unspecified-text } ]; + reuseport boolean; root-delegation-only [ exclude { string; ... } ]; root-key-sentinel boolean; rrset-order { [ class string ] [ type string ] [ name diff --git a/bin/named/server.c b/bin/named/server.c index 1e52cd4338..00b8b507b2 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -8975,7 +8975,7 @@ load_configuration(const char *filename, named_server_t *server, ns_interfacemgr_setbacklog(server->interfacemgr, backlog); obj = NULL; - result = named_config_get(maps, "load-balance-sockets", &obj); + result = named_config_get(maps, "reuseport", &obj); INSIST(result == ISC_R_SUCCESS); loadbalancesockets = cfg_obj_asboolean(obj); #if HAVE_SO_REUSEPORT_LB @@ -8985,14 +8985,12 @@ load_configuration(const char *filename, named_server_t *server, } else if (loadbalancesockets != isc_nm_getloadbalancesockets(named_g_netmgr)) { cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING, - "changing load-balance-sockets value requires " - "server restart"); + "changing reuseport value requires server restart"); } #else if (loadbalancesockets) { - cfg_obj_log( - obj, named_g_lctx, ISC_LOG_WARNING, - "load-balance-sockets has no effect on this system"); + cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING, + "reuseport has no effect on this system"); } #endif diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 060ae48af3..1782bd9f4f 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -1726,17 +1726,16 @@ Boolean Options If ``yes``, respond to root key sentinel probes as described in draft-ietf-dnsop-kskroll-sentinel-08. The default is ``yes``. -``load-balance-sockets`` - +``reuseport`` This option enables kernel load-balancing of sockets on systems which support - it, including Linux and FreeBSD. This instructs the kernel to distribute - incoming socket connections among the networking threads based on a hashing - scheme. For more information, see the receive network flow classification - options (``rx-flow-hash``) section in the ``ethtool`` manual page. The - default is ``yes``. + it, including Linux (SO_REUSEPORT) and FreeBSD (SO_REUSEPORT_LB). This + instructs the kernel to distribute incoming socket connections among the + networking threads based on a hashing scheme. For more information, see the + receive network flow classification options (``rx-flow-hash``) section in the + ``ethtool`` manual page. The default is ``yes``. - Enabling ``load-balance-sockets`` significantly increases general throughput - when incoming traffic is distributed uniformly onto the threads by the + Enabling ``reuseport`` significantly increases general throughput when + incoming traffic is distributed uniformly onto the threads by the operating system. However, in cases where a worker thread is busy with a long-lasting operation, such as processing a Response Policy Zone (RPZ) or Catalog Zone update or an unusually large zone transfer, incoming traffic diff --git a/doc/man/named.conf.5in b/doc/man/named.conf.5in index a33b5fb736..b36c1ab620 100644 --- a/doc/man/named.conf.5in +++ b/doc/man/named.conf.5in @@ -351,7 +351,6 @@ options { string ] { address_match_element; ... }; lmdb\-mapsize sizeval; - load\-balance\-sockets boolean; lock\-file ( quoted_string | none ); managed\-keys\-directory quoted_string; masterfile\-format ( raw | text ); @@ -461,6 +460,7 @@ options { [ nsip\-enable boolean ] [ nsdname\-enable boolean ] [ dnsrps\-enable boolean ] [ dnsrps\-options { unspecified\-text } ]; + reuseport boolean; root\-delegation\-only [ exclude { string; ... } ]; root\-key\-sentinel boolean; rrset\-order { [ class string ] [ type string ] [ name diff --git a/doc/misc/options b/doc/misc/options index 731f52c79c..1d9e384862 100644 --- a/doc/misc/options +++ b/doc/misc/options @@ -217,7 +217,6 @@ options { ] { ; ... }; // may occur multiple times lmdb-mapsize ; - load-balance-sockets ; lock-file ( | none ); managed-keys-directory ; masterfile-format ( raw | text ); @@ -328,6 +327,7 @@ options { [ nsip-enable ] [ nsdname-enable ] [ dnsrps-enable ] [ dnsrps-options { } ]; + reuseport ; root-delegation-only [ exclude { ; ... } ]; root-key-sentinel ; rrset-order { [ class ] [ type ] [ name diff --git a/doc/misc/options.active b/doc/misc/options.active index ed897fb225..176a999d47 100644 --- a/doc/misc/options.active +++ b/doc/misc/options.active @@ -216,7 +216,6 @@ options { ] { ; ... }; // may occur multiple times lmdb-mapsize ; - load-balance-sockets ; lock-file ( | none ); managed-keys-directory ; masterfile-format ( raw | text ); @@ -326,6 +325,7 @@ options { [ nsip-enable ] [ nsdname-enable ] [ dnsrps-enable ] [ dnsrps-options { } ]; + reuseport ; root-delegation-only [ exclude { ; ... } ]; root-key-sentinel ; rrset-order { [ class ] [ type ] [ name diff --git a/doc/misc/options.grammar.rst b/doc/misc/options.grammar.rst index d6fe2aa3e4..9a7b669325 100644 --- a/doc/misc/options.grammar.rst +++ b/doc/misc/options.grammar.rst @@ -153,7 +153,6 @@ ] { ; ... }; lmdb-mapsize ; - load-balance-sockets ; lock-file ( | none ); managed-keys-directory ; masterfile-format ( raw | text ); @@ -263,6 +262,7 @@ [ nsip-enable ] [ nsdname-enable ] [ dnsrps-enable ] [ dnsrps-options { } ]; + reuseport ; root-delegation-only [ exclude { ; ... } ]; root-key-sentinel ; rrset-order { [ class ] [ type ] [ name diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index 07ad9f1b24..c0887d7c99 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -37,7 +37,7 @@ Feature Changes - None. -- Add a new configuration option ``load-balance-sockets`` to disable +- Add a new configuration option ``reuseport`` to disable load balancing on sockets in scenarios in which processing of Response Policy Zones (RPZ), Catalog Zones, or large zone transfers can cause service disruptions. See the BIND 9 ARM for more detail. diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index e1a0f626b1..b39610a399 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1278,7 +1278,6 @@ static cfg_clausedef_t options_clauses[] = { { "keep-response-order", &cfg_type_bracketed_aml, 0 }, { "listen-on", &cfg_type_listenon, CFG_CLAUSEFLAG_MULTI }, { "listen-on-v6", &cfg_type_listenon, CFG_CLAUSEFLAG_MULTI }, - { "load-balance-sockets", &cfg_type_boolean, 0 }, { "lock-file", &cfg_type_qstringornone, 0 }, { "managed-keys-directory", &cfg_type_qstring, 0 }, { "match-mapped-addresses", &cfg_type_boolean, 0 }, @@ -1308,6 +1307,7 @@ static cfg_clausedef_t options_clauses[] = { { "random-device", &cfg_type_qstringornone, 0 }, { "recursing-file", &cfg_type_qstring, 0 }, { "recursive-clients", &cfg_type_uint32, 0 }, + { "reuseport", &cfg_type_boolean, 0 }, { "reserved-sockets", &cfg_type_uint32, CFG_CLAUSEFLAG_DEPRECATED }, { "secroots-file", &cfg_type_qstring, 0 }, { "serial-queries", NULL, CFG_CLAUSEFLAG_ANCIENT },