- Implement max-udp-size config option, default 4096 (thanks

Daisuke Higashi).


git-svn-id: file:///svn/unbound/trunk@2893 be551aaa-1e26-0410-a405-d3ace91eadb9

daemon/worker.c

@@ -830,6 +830,13 @@ worker_handle_request(struct comm_point* c, void* arg, int error,
 			(int)edns.udp_size);
 		log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
 		edns.udp_size = NORMAL_UDP_SIZE;
+	} else if(edns.edns_present &&
+		edns.udp_size > worker->daemon->cfg->max_udp_size &&
+		c->type == comm_udp) {
+		verbose(VERB_QUERY, "worker request: EDNS bufsize %d exceeds "
+			"max-udp-size, fixed", (int)edns.udp_size);
+		log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen);
+		edns.udp_size = worker->daemon->cfg->max_udp_size;
 	}
 	if(edns.edns_present && edns.udp_size < LDNS_HEADER_SIZE) {
 		verbose(VERB_ALGO, "worker request: edns is too small.");

doc/Changelog

@@ -1,4 +1,6 @@
 25 April 2013: Wouter
+	- Implement max-udp-size config option, default 4096 (thanks
+	  Daisuke Higashi).
 	- Robust checks on dname validity from rdata for dname compare.
 
 19 April 2013: Wouter

doc/example.conf.in

@@ -89,6 +89,10 @@ server:
 	# is set with msg-buffer-size). 1480 can solve fragmentation (timeouts).
 	# edns-buffer-size: 4096
 
+	# Maximum UDP response size (not applied to TCP response).
+	# Suggested values are 512 to 4096. Default is 4096. 65536 disables it.
+	# max-udp-size: 4096
+
 	# buffer size for handling DNS data. No messages larger than this
 	# size can be sent or received, by UDP or TCP. In bytes.
 	# msg-buffer-size: 65552

doc/unbound-control.8.in

@@ -170,7 +170,7 @@ harden\-glue, harden\-dnssec\-stripped, harden\-below\-nxdomain,
 harden\-referral\-path, prefetch, prefetch\-key, log\-queries,
 hide\-identity, hide\-version, identity, version, val\-log\-level,
 val\-log\-squelch, ignore\-cd\-flag, add\-holddown, del\-holddown,
-keep\-missing, tcp\-upstream, ssl\-upstream.
+keep\-missing, tcp\-upstream, ssl\-upstream, max\-udp\-size.
 .TP
 .B get_option \fIopt
 Get the value of the option.  Give the option name without a trailing ':'.

doc/unbound.conf.5.in

@@ -183,6 +183,11 @@ stringent path MTU problems, but is seen as extreme, since the amount
 of TCP fallback generated is excessive (probably also for this resolver,
 consider tuning the outgoing tcp number).
 .TP
+.B max\-udp\-size: \fI<number>
+Maximum UDP response size (not applied to TCP response).  65536 disables the
+udp response size maximum, and uses the choice from the client, always.
+Suggested values are 512 to 4096. Default is 4096. 
+.TP
 .B msg\-buffer\-size: \fI<number>
 Number of bytes size of the message buffers. Default is 65552 bytes, enough
 for 64 Kb packets, the maximum DNS message size. No message larger than this

util/config_file.c

@@ -201,6 +201,7 @@ config_create(void)
 	cfg->control_port = UNBOUND_CONTROL_PORT;
 	cfg->minimal_responses = 0;
 	cfg->rrset_roundrobin = 0;
+	cfg->max_udp_size = 4096;
 	if(!(cfg->server_key_file = strdup(RUN_DIR"/unbound_server.key"))) 
 		goto error_exit;
 	if(!(cfg->server_cert_file = strdup(RUN_DIR"/unbound_server.pem"))) 
@@ -328,6 +329,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
 		free(cfg->logfile);
 		return (cfg->logfile = strdup(val)) != NULL;
 	}
+	else S_NUMBER_NONZERO("max-udp-size:", max_udp_size)
 	else S_YNO("use-syslog:", use_syslog)
 	else S_YNO("extended-statistics:", stat_extended)
 	else S_YNO("statistics-cumulative:", stat_cumulative)
@@ -662,6 +664,7 @@ config_get_option(struct config_file* cfg, const char* opt,
 	else O_UNS(opt, "val-override-date", val_date_override)
 	else O_YNO(opt, "minimal-responses", minimal_responses)
 	else O_YNO(opt, "rrset-roundrobin", rrset_roundrobin)
+	else O_DEC(opt, "max-udp-size", max_udp_size)
 	/* not here:
 	 * outgoing-permit, outgoing-avoid - have list of ports
 	 * local-zone - zones and nodefault variables

util/config_file.h

@@ -296,6 +296,9 @@ struct config_file {
 
 	/* RRSet roundrobin */
 	int rrset_roundrobin;
+
+	/* maximum UDP response size */
+	size_t max_udp_size;
 };
 
 /**

util/configlexer.lex

@@ -293,6 +293,7 @@ python{COLON}			{ YDVAR(0, VAR_PYTHON) }
 domain-insecure{COLON}		{ YDVAR(1, VAR_DOMAIN_INSECURE) }
 minimal-responses{COLON}	{ YDVAR(1, VAR_MINIMAL_RESPONSES) }
 rrset-roundrobin{COLON}		{ YDVAR(1, VAR_RRSET_ROUNDROBIN) }
+max-udp-size{COLON}		{ YDVAR(1, VAR_MAX_UDP_SIZE) }
 <INITIAL,val>{NEWLINE}		{ LEXOUT(("NL\n")); cfg_parser->line++; }
 
 	/* Quoted strings. Strip leading and ending quotes */

util/configparser.h

@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 2.5.  */
+/* A Bison parser, made by GNU Bison 2.6.1.  */
 
 /* Bison interface for Yacc-like parsers in C
    
-      Copyright (C) 1984, 1989-1990, 2000-2011 Free Software Foundation, Inc.
+      Copyright (C) 1984, 1989-1990, 2000-2012 Free Software Foundation, Inc.
    
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -30,6 +30,15 @@
    This special exception was added by the Free Software Foundation in
    version 2.2 of Bison.  */
 
+#ifndef YY_UTIL_CONFIGPARSER_H
+# define YY_UTIL_CONFIGPARSER_H
+/* Enabling traces.  */
+#ifndef YYDEBUG
+# define YYDEBUG 0
+#endif
+#if YYDEBUG
+extern int yydebug;
+#endif
 
 /* Tokens.  */
 #ifndef YYTOKENTYPE
@@ -163,7 +172,8 @@
      VAR_FORWARD_FIRST = 381,
      VAR_STUB_FIRST = 382,
      VAR_MINIMAL_RESPONSES = 383,
-     VAR_RRSET_ROUNDROBIN = 384
+     VAR_RRSET_ROUNDROBIN = 384,
+     VAR_MAX_UDP_SIZE = 385
    };
 #endif
 /* Tokens.  */
@@ -294,23 +304,21 @@
 #define VAR_STUB_FIRST 382
 #define VAR_MINIMAL_RESPONSES 383
 #define VAR_RRSET_ROUNDROBIN 384
-
+#define VAR_MAX_UDP_SIZE 385
 
 
 
 #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
 typedef union YYSTYPE
 {
-
-/* Line 2068 of yacc.c  */
+/* Line 2049 of yacc.c  */
 #line 64 "./util/configparser.y"
 
 	char*	str;
 
 
-
-/* Line 2068 of yacc.c  */
-#line 314 "util/configparser.h"
+/* Line 2049 of yacc.c  */
+#line 322 "util/configparser.h"
 } YYSTYPE;
 # define YYSTYPE_IS_TRIVIAL 1
 # define yystype YYSTYPE /* obsolescent; will be withdrawn */
@@ -319,4 +327,18 @@ typedef union YYSTYPE
 
 extern YYSTYPE yylval;
 
+#ifdef YYPARSE_PARAM
+#if defined __STDC__ || defined __cplusplus
+int yyparse (void *YYPARSE_PARAM);
+#else
+int yyparse ();
+#endif
+#else /* ! YYPARSE_PARAM */
+#if defined __STDC__ || defined __cplusplus
+int yyparse (void);
+#else
+int yyparse ();
+#endif
+#endif /* ! YYPARSE_PARAM */
 
+#endif /* !YY_UTIL_CONFIGPARSER_H  */

util/configparser.y

@@ -105,6 +105,7 @@ extern struct config_parser_state* cfg_parser;
 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
+%token VAR_MAX_UDP_SIZE
 
 %%
 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
@@ -161,7 +162,7 @@ content_server: server_num_threads | server_verbosity | server_port |
 	server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
 	server_log_queries | server_tcp_upstream | server_ssl_upstream |
 	server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
-	server_minimal_responses | server_rrset_roundrobin
+	server_minimal_responses | server_rrset_roundrobin | server_max_udp_size
 	;
 stubstart: VAR_STUB_ZONE
 	{
@@ -1117,6 +1118,12 @@ server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
 		free($2);
 	}
 	;
+server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
+	{
+		OUTYY(("P(server_max_udp_size:%s)\n", $2));
+		cfg_parser->cfg->max_udp_size = atoi($2);
+	}
+	;
 stub_name: VAR_NAME STRING_ARG
 	{
 		OUTYY(("P(name:%s)\n", $2));