Skip to content

feat: only cache final target record when dns sever response #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
AlinsRan merged 3 commits into from
Dec 31, 2025
Merged

feat: only cache final target record when dns sever response #7

AlinsRan merged 3 commits into from
Dec 31, 2025

Conversation

@AlinsRan
Copy link

@AlinsRan AlinsRan commented Dec 30, 2025
edited
Loading

Background

The current DNS resolving and caching logic operates at the RR (Resource Record) level.
Each record in a CNAME chain (CNAME / A / AAAA) is cached independently with its own TTL.

In real-world deployments, this behavior can lead to inconsistencies:

  • An intermediate CNAME record may expire or become unavailable
  • While the final A / AAAA record is still present in cache
  • The resolver may continue using the cached final address
  • This breaks the expected consistency of the DNS resolution chain

For gateway and traffic-routing components, this behavior can be undesirable.

Practical Limitation of Intermediate Records

In addition to TTL consistency, there is a practical operational constraint:

Intermediate CNAME nodes are not always globally or persistently resolvable.

In multi-region, multi-cloud, or third-party DNS environments (e.g. CDN or cloud-internal domains):

  • Intermediate domains may only be resolvable in specific regions or networks
  • Re-querying intermediate CNAME records may fail depending on location

This can cause traffic to be routed based on a DNS chain that is no longer valid from the resolver’s perspective.

Example

run.api7.ai.            10  IN CNAME   one.cloudfront.net.
one.cloudfront.net.     3   IN CNAME   two.cloudfront.net.
two.cloudfront.net.     10  IN A       18.155.68.66

Possible issue:

one.cloudfront.net expires or becomes unreachable in a given region

What’s Changed

This PR introduces an optional configuration flag:

finalCacheOnly: true

When finalCacheOnly is enabled:

  • The resolver only caches the final A / AAAA record

  • The cache TTL is calculated as the minimum TTL across the entire CNAME chain

  • Intermediate CNAME records are not cached or reused independently

@nic-6443
chore: only cache target record when dns sever response multiple answ…
78799fe 
…ers at once

Signed-off-by: Nic <qianyong@api7.ai>
@CLAassistant
Copy link

CLAassistant commented Dec 30, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@AlinsRan AlinsRan changed the title chore: only cache target record when dns sever response multiple answ… feat: only cache final target record when dns sever response Dec 31, 2025
AlinsRan
AlinsRan commented Dec 31, 2025
View reviewed changes
spec/client_spec.lua
it("fetching multiple SRV records (un-typed)", function()
assert(client.init())

local host = "srvtest.thijsschreijer.nl"
Copy link
Author

@AlinsRan AlinsRan Dec 31, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This domain name is no longer working.

@AlinsRan
Copy link
Author

AlinsRan commented Dec 31, 2025
edited
Loading

ref:

CI failure is due to some domain names no longer working, unrelated to the modification of this PR.
This PR has been fixed and temporarily annotated for some complex scenarios such as SRV+CNAME. Waiting for further repairs.

@AlinsRan AlinsRan merged commit 0b5ee69 into master Dec 31, 2025
2 checks passed
@AlinsRan AlinsRan deleted the dns-cache branch December 31, 2025 05:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@membphis membphis membphis approved these changes

@nic-6443 nic-6443 nic-6443 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@AlinsRan @CLAassistant @membphis @nic-6443