issue #18709 : Add minimum cache TTL for successful DNS responses

Signed-off-by: Peter Ansell <p_ansell@yahoo.com>
elastic · Jul 16, 2020 · 6044af7 · 6044af7
1 parent 4dcbde3
commit 6044af7
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 7 deletions.
diff --git a/libbeat/processors/dns/cache.go b/libbeat/processors/dns/cache.go
@@ -37,6 +37,7 @@ type ptrCache struct {
 	sync.RWMutex
 	data    map[string]ptrRecord
 	maxSize int
+	minSuccessTTL time.Duration
 }
 
 func (c *ptrCache) set(now time.Time, key string, ptr *PTR) {
@@ -49,7 +50,7 @@ func (c *ptrCache) set(now time.Time, key string, ptr *PTR) {
 
 	c.data[key] = ptrRecord{
 		host:    ptr.Host,
-		expires: now.Add(time.Duration(ptr.TTL) * time.Second),
+		expires: now.Add(maxDuration(time.Duration(ptr.TTL), c.minSuccessTTL) * time.Second),
 	}
 }
 
@@ -135,11 +136,12 @@ func (ce *cachedError) Cause() error  { return ce.err }
 // reverse DNS queries. It caches the results of queries regardless of their
 // outcome (success or failure).
 type PTRLookupCache struct {
-	success    *ptrCache
-	failure    *failureCache
-	failureTTL time.Duration
-	resolver   PTRResolver
-	stats      cacheStats
+	success       *ptrCache
+	minSuccessTTL time.Duration
+	failure       *failureCache
+	failureTTL    time.Duration
+	resolver      PTRResolver
+	stats         cacheStats
 }
 
 type cacheStats struct {
@@ -157,6 +159,7 @@ func NewPTRLookupCache(reg *monitoring.Registry, conf CacheConfig, resolver PTRR
 		success: &ptrCache{
 			data:    make(map[string]ptrRecord, conf.SuccessCache.InitialCapacity),
 			maxSize: conf.SuccessCache.MaxCapacity,
+			minSuccessTTL: conf.SuccessCache.MinTTL,
 		},
 		failure: &failureCache{
 			data:       make(map[string]failureRecord, conf.FailureCache.InitialCapacity),
@@ -208,3 +211,10 @@ func max(a, b int) int {
 	}
 	return b
 }
+
+func maxDuration(a time.Duration, b time.Duration) time.Duration {
+	if a >= b {
+		return a
+	}
+	return b
+}
diff --git a/libbeat/processors/dns/config.go b/libbeat/processors/dns/config.go
@@ -84,9 +84,12 @@ type CacheConfig struct {
 // CacheSettings define the caching behavior for an individual cache.
 type CacheSettings struct {
 	// TTL value for items in cache. Not used for success because we use TTL
-	// from the DNS record.
+	// from the DNS record or the minimum configured TTL.
 	TTL time.Duration `config:"ttl"`
 
+	// Minimum TTL value for successful DNS responses.
+	MinTTL time.Duration `config:"ttl.min" validate:"min=1"`
+
 	// Initial capacity. How much space is allocated at initialization.
 	InitialCapacity int `config:"capacity.initial" validate:"min=0"`
 
@@ -122,6 +125,9 @@ func (c *Config) Validate() error {
 
 // Validate validates the data contained in the CacheConfig.
 func (c *CacheConfig) Validate() error {
+	if c.SuccessCache.MinTTL <= 0 {
+		return errors.Errorf("success_cache.ttl.min must be > 0")
+	}
 	if c.FailureCache.TTL <= 0 {
 		return errors.Errorf("failure_cache.ttl must be > 0")
 	}
@@ -146,6 +152,7 @@ func (c *CacheConfig) Validate() error {
 var defaultConfig = Config{
 	CacheConfig: CacheConfig{
 		SuccessCache: CacheSettings{
+			MinTTL:          time.Minute,
 			InitialCapacity: 1000,
 			MaxCapacity:     10000,
 		},