This is an experimental feature to add/remove DNS entries depending on whether servers/services are up/down. Initially NTP testing and TCP port testing are supported.

This is an experimental lightly tested patch. It's based on top of the other 3 merge requests I have submitted recently, but is pretty easily separated.

From the commit message:

commit 049d4acdfd1b5941feb501ddb1353a27e464047d
Author: Alex Bligh <[email protected]>
Date:   Mon Aug 17 15:32:26 2015 +0100

Add healthtest functionality to automatically exclude down hosts

Add a healthtest function activated by setting the 'test' attribute on a label.
When a test is specified, each RR within the label (A and AAAA only at this
stage) is polled regularly with a configurable test. Current configurable
tests are that a tcp port can be opened, or that an NTP response within a
given stratum range is achieved. RRs that fail the test will be excluded
from any results.

Health tests can be configured as follows:

     "test" :  {
         "type" : "ntp",
         "frequency" : 30,
         "retry_time" : 5,
         "retries" : 3,
         "timeout" : 5,
         "max_stratum" : "3"
      }

or

     "test" :  {
         "type" : "tcp",
         "frequency" : 30,
         "retry_time" : 5,
         "retries" : 3,
         "timeout" : 5,
     "port" : 80
      }

Attributes are as follows:

* type: specifies type of test (currently "ntp" or "tcp")

* frequency: specifies time in seconds between polls if the server is up

* retry_time: specifies time in seconds between polls if a poll fails

* retries: number of failed polls required to consider a server as down

* timeout: timeout on each of the polls

* max_stratum: (ntp only) maximum ntp stratum number for the poll
  to be considered successful

* port: (tcp only) tcp port number to connect to

Signed-off-by: Alex Bligh <[email protected]>

This is an experimental feature to provide automatic geographic loadbalancing by choosing the group of servers with the lowest geographic distance to the query originator.

This is lightly tested. However, it should not affect normal operation unless you turn it on.

Information from the commit:

Add 'closest' flag

This changeset adds a new boolean option 'closest' to the zone options
and to the label options. The label option defaults to the zone option
for 'closest'.

When closest is set on a label within a zone, each A record has its
location determined and stored in memory. When a query is received,
after the targeting process is performed, the geographically closest
group of A records are selected prior to the weight algorithm being
applied.

In practice this means you can use a simple technique (set 'closest'
to be "true") to choose the geographically closest servers. Note
that geographic proximity may not correlate perfectly to topological
proximity.

Note that when 'closest' is selected on any label within the zone,
the GEOIP_CITY_EDITION_REV1 geoip data is required, as that is what
contains latitude and longitude data.

No provision is currently made for servers that change longitude
and latitude (most likely due to a geoip data change) during the
runtime life of the server.

Signed-off-by: Alex Bligh <[email protected]>

geodns panics if a broken zone file is created then deleted.

To replicate, create a broken zonefile:

$ echo a > dns/x.com.json

Wait until the zone file fails to load:

geodns 13:25:19.160763 log.go:7: Reading new file x.com.json
geodns 13:25:19.160889 zones.go:69: Caught an error error parsing JSON object in config file dns/x.com.json:
Error at line 1, column 1 (file offset 1):
    1: a
      ^
invalid character 'a' looking for beginning of value

Then delete the zone file

$ rm dns/x.com.json

And wait a few minutes

geodns 13:25:29.163572 zones.go:91: Removing zone
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x0 pc=0x400fe45]

goroutine 29 [running]:
main.(*Zone).Close(0xc20805e6e0)
    /Users/amb/go/src/github.com/abh/geodns/zone.go:98 +0x1a5
main.zonesReadDir(0x4489e70, 0x6, 0xc20803de30, 0x0, 0x0)
    /Users/amb/go/src/github.com/abh/geodns/zones.go:92 +0x78b
main.zonesReader(0x4489e70, 0x6, 0xc20803de30)
    /Users/amb/go/src/github.com/abh/geodns/zones.go:26 +0x3c
created by main.main
    /Users/amb/go/src/github.com/abh/geodns/geodns.go:173 +0xd41
 ... (snipped) ...

The problem is this line:

func (z *Zone) Close() {
    metrics.Unregister(z.Origin + " queries")
    metrics.Unregister(z.Origin + " EDNS queries")
    z.Metrics.LabelStats.Close() // <-------------------- HERE
    z.Metrics.ClientStats.Close()
}

As the zone file never existed, it has been incompletely loaded, and the metrics were not set up. Deleting it attempts to Close() the zone file and this fails with a nil pointer dereference as z.Metrics is nil.

I would suggest zone files that are not present prior to loading and fail to load leave the zones map unchanged and do nothing. I will submit a changeset to fix this.

Add goroutine to watch file modification time each minute. Lock and update the files independently if the modification time is newer than the last time it was loaded.

Also ancillary fixes for type signatures, and formatting test files.

Fixes #116, #16

Add an option to make debugging queries private, meaning only accepted from the loopback address. The debugging queries (i.e. _status, _health and possibly _country) contain information which may be either commercially sensitive or security sensitive. Therefore provide an option (-privatedebug) which if set does not return these unless the query comes from the loopback address.

Add a RR which returns the health status of a record, for debugging purposes. This returns in JSON format the health record of all the records associated with a label if a health test is running.

Example follows.

$ dig -p 10053 TXT _health.foo.example2.com @127.0.0.1

; <<>> DiG 9.8.3-P1 <<>> -p 10053 TXT _health.foo.example2.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59545
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;_health.foo.example2.com.  IN      TXT

;; ANSWER SECTION:
_health.foo.example2.com. 1 IN      TXT     "{\"A\":{\"192.168.1.2\":false,\"192.168.1.3\":false,\"192.168.1.4\":false},\"AAAA\":{\"fd06:c1d3:e902:202:a5ff:fecd:13a6:a\":false,\"fd06:c1d3:e902::2\":false,\"fd06:c1d3:e902::4\":false}}"

;; Query time: 1 msec
;; SERVER: 127.0.0.1#10053(127.0.0.1)
;; WHEN: Wed Sep  2 19:24:01 2015
;; MSG SIZE  rcvd: 251

Decoding that JSON:

{
   "A" : {
      "192.168.1.4" : false,
      "192.168.1.3" : false,
      "192.168.1.2" : false
   },
   "AAAA" : {
      "fd06:c1d3:e902:202:a5ff:fecd:13a6:a" : false,
      "fd06:c1d3:e902::4" : false,
      "fd06:c1d3:e902::2" : false
   }
}

I tried install geodns on ubuntu a number of times, but failed. It seems there are some problems in terms of packages dependencies. Besides, I also got the error message:

/usr/lib/go/src/pkg/github.com/abh/dns/edns.go:230: function ends without a return statement

without a clue

The steps I tried: sudo apt-get install golang sudo apt-get install mercurial sudo apt-get install libgeoip-dev export GOPATH=/usr/lib/go sudo go get github.com/abh/geodns

I haven't tried to install it on centos, so I cannot tell if I tried to install it in wrong way.

Thanks

geodns adopted a seemingly arbitrary minimum TTL for NS records of 86400 seconds (one day). I can find no reason for this in the RFCs. Setting a lower TTL is useful e.g. when NS records are to be changed, for instance removal of a nameserver. This patch removes this arbitrary limit.

I'm planning to migrate my dns from pgeodns to this version. But When I look into the sample configuration of ntp , the entries are making me some confusion on geo record.

What is difference between the below record for country Malaysia

3.my , 1.my , 0.my ,2.my from ntppool.org.json

./metrics.go:26: cannot use metrics.NewHistogram(metrics.NewUniformSample(1800)) (type metrics.Histogram) as type *metrics.StandardHistogram in assignment: need type assertion ./metrics.go:29: cannot use metrics.NewHistogram(metrics.NewExpDecaySample(600, 0.015)) (type metrics.Histogram) as type *metrics.StandardHistogram in assignment: need type assertion ./metrics.go:32: cannot use metrics.NewGauge() (type metrics.Gauge) as type *metrics.StandardGauge in assignment: need type assertion ./zone.go:85: cannot use metrics.NewMeter() (type metrics.Meter) as type *metrics.StandardMeter in assignment: need type assertion

This is a followup to miekg/dns#21 (which really was about something else).

I ran dnsbench against the geodns server today to reproduce the "hang" where it just stops listening on UDP. After 4 hours of 1000qps it was still working fine and it's "only" doubled memory usage from 15MB to 30MB.

Running lsof on the process shows it's doesn't have the UDP server open anymore.

I've added some monitoring code in 70b6e4e413f8751678c2999e8a6d124c954676d3 and an attempt at logging if ListenAndServe returns: 98020a3f63515b4a

Here are following dns domains that have A/NS records :

EUROPE:

eu-1.internet.dedyn.io eu-2.internet.dedyn.io eu-3.internet.dedyn.io

AMERICA:

us-1.internet.dedyn.io us-2.internet.dedyn.io

ASIA (not tested):

as-1.internet.dedyn.io

I wanted to do this kind of stuff (like CDN) as a fun project and i may use it for my websites in the future. (the goal is that it opens one of these websites according to location)

Hello,

I think geodns doesn't work when clients are querying DNS records via 1.1.1.1 dns

Test results

root@localhost:~# which dig
/usr/bin/dig
root@localhost:~# dig pool.ntp.org @1.1.1.1

; <<>> DiG 9.16.1-Ubuntu <<>> pool.ntp.org @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34920
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pool.ntp.org.                  IN      A

;; ANSWER SECTION:
pool.ntp.org.           133     IN      A       213.231.5.55
pool.ntp.org.           133     IN      A       200.89.75.197
pool.ntp.org.           133     IN      A       109.74.192.97
pool.ntp.org.           133     IN      A       211.233.84.186

;; Query time: 0 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Apr 08 23:19:57 UTC 2022
;; MSG SIZE  rcvd: 105

root@localhost:~# ping 213.231.5.55
PING 213.231.5.55 (213.231.5.55) 56(84) bytes of data.
64 bytes from 213.231.5.55: icmp_seq=1 ttl=53 time=250 ms
64 bytes from 213.231.5.55: icmp_seq=2 ttl=53 time=250 ms
^C
--- 213.231.5.55 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 249.610/249.961/250.313/0.351 ms
root@localhost:~# ping 200.89.75.197
PING 200.89.75.197 (200.89.75.197) 56(84) bytes of data.
64 bytes from 200.89.75.197: icmp_seq=1 ttl=56 time=267 ms
^C
--- 200.89.75.197 ping statistics ---
2 packets transmitted, 1 received, 50% packet loss, time 1001ms
rtt min/avg/max/mdev = 266.621/266.621/266.621/0.000 ms
root@localhost:~# ping 109.74.192.97
PING 109.74.192.97 (109.74.192.97) 56(84) bytes of data.
64 bytes from 109.74.192.97: icmp_seq=1 ttl=55 time=236 ms
^C
--- 109.74.192.97 ping statistics ---
2 packets transmitted, 1 received, 50% packet loss, time 1002ms
rtt min/avg/max/mdev = 236.298/236.298/236.298/0.000 ms
root@localhost:~# ping 211.233.84.186
PING 211.233.84.186 (211.233.84.186) 56(84) bytes of data.
64 bytes from 211.233.84.186: icmp_seq=1 ttl=54 time=33.3 ms
64 bytes from 211.233.84.186: icmp_seq=2 ttl=54 time=33.2 ms
^C
--- 211.233.84.186 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 33.228/33.249/33.270/0.021 ms
root@localhost:~# dig pool.ntp.org

; <<>> DiG 9.16.1-Ubuntu <<>> pool.ntp.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32438
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;pool.ntp.org.                  IN      A

;; ANSWER SECTION:
pool.ntp.org.           75      IN      A       162.159.200.1
pool.ntp.org.           75      IN      A       203.112.25.169
pool.ntp.org.           75      IN      A       194.0.5.123
pool.ntp.org.           75      IN      A       133.243.238.163

;; Query time: 7 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Apr 08 23:21:08 UTC 2022
;; MSG SIZE  rcvd: 105

Querying from japan region server would return incorrect answers when the records are returned by 1.1.1.1,

while it just works normally with the default DNS server provided by ISP.

Hi

I looked at this sample configuration and I had a question https://github.com/abh/geodns/blob/main/dns/test.example.com.json

When I set up the following record for example.com

{
    "": {
        "a": [
            [
                "192.168.1.1",
                10
            ]
        ]
    },
    "my": {
        "a": [
            [
                "192.168.1.2",
                10
            ]
        ]
    },
    "se": {
        "a": [
            [
                "192.168.1.3",
                10
            ]
        ]
    }
}

Attempts to request records from Sweden for example.com will return 192.168.1.3 A request from Malaysia will return 192.168.1.2

But my here stands formyself se here stands for Special Edition

https://github.com/abh/geodns/issues/50

I found other similar questions in issues but no solution

How to distinguish between geo records and normal records?

Hi Team

I am unsuccessful in getting domain resolved by matching IP address or IP prefix. I think it is supported. Could you please give me some example config for the same.

Thank you for that awesome software. However, there's a small draw I've been unable to solve by now: A number of popular open dns-providers (Cloudflare) do not pass client's source network via edns. It'd be really helpful to match by source ip-address (networks) to build a list of exclusions in addition to matching by countries/regions. Of course, one can edit mmdb-databases directly but this feature would greatly improve flexibility.