spf-discuss
[Top] [All Lists]

Re: persistent spfd connection failures

2004-04-20 11:23:48
  Vis-a-vis Meng Meng Wong's note of 04/19/2004 08:33 PM:
On Mon, Apr 19, 2004 at 06:31:23PM -0500, wayne wrote:
| In <408431EA(_dot_)6040806(_at_)eshu(_dot_)net> Joe Christy 
<joe(_at_)eshu(_dot_)net> writes:
| | > I'm currently using
| > Mail::SPF::Query-1.996's spfd [snip]
| | I did some checking into this. | | For some reason, the Perl DNS functions take around 30 seconds to
| return a SERVFAIL/TRY_AGAIN DNS error.  Libspf-alt takes 10 seconds,
| while libspf takes 20 seconds.  No, I can't account for the different
| times, nor can I account for why my system only takes 30 seconds with
| perl where yours takes 80 seconds.

Could the difference be that the resolv.conf on my production systems lists redundant name servers, so they have two time out twice?


i believe Net::DNS has configurable timeouts so we can actually set a
timeout value at some point and make this problem go away for you ...  i
have added it to my todo list for 1.997.
...

        Here's a (trivial) patch to MQS that does just that:

====================================
--- Query.pm.orig       2004-02-27 10:38:35.000000000 -0800
+++ Query.pm    2004-04-20 09:54:54.000000000 -0700
@@ -82,6 +82,15 @@

 $CACHE_TIMEOUT = 120;

+## Add explicit timeouts for Net::DNS::Resolver
+## 15 seconds should put this between lispf and libsp-alt
+## in terms of time needed to return a DNS SERVFAIL/TRY_AGAIN error
+## and place its performance within the 20 second window of
+## David Saez's exim spf ACL
+my $TCP_TIMEOUT = 15;
+my $UDP_TIMEOUT = 15;
+## Joe Christy joe(_at_)eshu(_dot_)net 2004-04-20
+
 # ----------------------------------------------------------
 #       no user-serviceable parts below this line
 # ----------------------------------------------------------
@@ -531,7 +540,12 @@
 sub is_secondary_for {
     my ($host, $addr) = @_;

-    my $resolver = Net::DNS::Resolver->new;
+    ## Add explicit timeouts for Net::DNS::Resolver
+    my $resolver = Net::DNS::Resolver->new(
+                                          tcp_timeout => $TCP_TIMEOUT,
+                                          udp_timeout => $UDP_TIMEOUT
+                                          );
+    ## Joe Christy joe(_at_)eshu(_dot_)net 2004-04-20
     if ($resolver) {
         my $mx = $resolver->send($host, 'MX');
         if ($mx) {
@@ -1444,7 +1458,12 @@

 sub resolver {
   my $query = shift;
-  return $query->{res} ||= Net::DNS::Resolver->new;
+## Add explicit timeouts for Net::DNS::Resolver
+  return $query->{res} ||= Net::DNS::Resolver->new(
+                                                  tcp_timeout => $TCP_TIMEOUT,
+                                                  udp_timeout => $UDP_TIMEOUT
+                                                  );
+## Joe Christy joe(_at_)eshu(_dot_)net 2004-04-20
 }

 sub fallbacks {



--
======== Joe Christy ============================== joe(_at_)eshu(_dot_)net 
=======
---- Voice:831/423-7151 --- Mobile:650/483-9123 --- FAX:831/469-0804 ---
__ If I can save you any time, give it to me, I'll keep it with mine. __
 www.eshu.net/CA.html  BF:38:C1:17:5F:F4:00:19:53:01:7B:4C:88:72:93:85


<Prev in Thread] Current Thread [Next in Thread>