httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Luca Toscano <>
Subject Re: [users@httpd] mod_proxy and DNS resolving
Date Sat, 28 May 2016 10:25:42 GMT
Hi Yann,

2016-05-28 0:31 GMT+02:00 Yann Ylavic <>:

> Hi Luca,
> On Mon, May 23, 2016 at 2:21 PM, Luca Toscano <>
> wrote:
> >
> > I replied to the comment that you pointed out with Jim's answer and I
> > updated the trunk documentation with a note about DNS resolution:
> >
> >
> >
> > HTML diff only:
> >
> I don't think this is correct.
> When disablereuse is true (including the default workers), the DNS
> resolution occurs for each connection.
> But when mod_proxy is reusing connections (including addresses), each
> worker/backend address is resolved only once per child process, and
> reused for all further connections (until the child is recycled).
> AIUI, this is not related to the TTL.

Thanks a lot for the explanation and for the info. So httpd does cache
origin DNS resolution and there is no way to control it via mod-proxy
settings (maybe the only thing that could be used
is MaxConnectionsPerChild?).

> From ap_proxy_determine_connection():
>                 /*
>                  * Worker can have the single constant backend adress.
>                  * The single DNS lookup is used once per worker.
>                  * If dynamic change is needed then set the addr to NULL
>                  * inside dynamic config to force the lookup.
>                  */
> AFAICT, nothing sets "addr to NULL" anywhere in httpd, that would be
> racy anyway.
> There is indeed a worker 'is_address_reusable' flag distinct from
> 'disablereuse', but it is not exposed to the admin and seems to be
> internally mapped to 'disablereuse'.
> I have a patch which introduces 'addressTTL' if one is interested, but
> it's not that simple because it addresses the race locklessly (and
> leaklessly :), thus with refcounting, address pool...
If I got everything correctly, the description of the TTL might be a bit
misleading because it is not clear IMHO that the DNS resolution won't be

"Time to live for inactive connections and associated connection pool
entries, in seconds. Once reaching this limit, a connection will not be
used again; it will be closed at some later time."

What would happen when an admin performs a change of the origin DNS A or
AAAA record? If httpd doesn't happen to recycle workers at that time it
will try to connect to the old IP address probably triggering a 502 due to
timeouts or connection failures right?

The perfect thing, IMHO, would be to force the DNS resolution every time a
new connection to origin needs to be performed (transparently to all the
options), but as you mentioned the implementation could be messy and I am
not sure how many people would like this feature.

Anyhow, I'll wait for some replies to check that I got everything correctly
and then I'll updated the documentation (unless somebody wants to do it
before me).



View raw message