PATCH: add 'rndc scan' command to scan network interfaces

Rob Foehl rwf at loonybin.net
Tue Jan 25 00:57:51 UTC 2011 

The attached patch implements an 'rndc scan' command, which very simply 
forces an immediate scan of available network interfaces without running a 
full reconfig or waiting on the interface-interval timer to fire.  The 
patch is against 9.7.2-P3 but also applies cleanly to 9.8.0b1.

This is one of a series of changes I'm working on to lessen the impact of 
a full reconfig on servers with a very large number of configured zones, 
and is really more of a workaround than anything else -- but it's also 
pretty unintrusive, so I thought I'd throw it out there and see what 
happens.  Interface scanning currently leads to a chicken-and-egg problem 
with running reconfig while listening interfaces are down, as is necessary 
in my case to avoid dropping queries while reconfig completes.  Another 
use case that came up on this list back in October was the desire to 
rapidly adjust to VRRP-style address failover without perturbing the rest 
of the server, which this would suit nicely.

Is this something that might be considered for a future release?  I'm not 
particularly wed to the name, and there are some obvious improvements that 
could be made to the way locking is done around scan_interfaces() that 
I've left out of this version for simplicity's sake.

Comments/suggestions/etc. welcome.

-Rob
-------------- next part --------------
diff --git a/bin/named/control.c b/bin/named/control.c
index ac01c4d..8fc6228 100644
--- a/bin/named/control.c
+++ b/bin/named/control.c
@@ -189,6 +189,8 @@ ns_control_docommand(isccc_sexpr_t *message, isc_buffer_t *text) {
 		result = ns_server_notifycommand(ns_g_server, command, text);
 	} else if (command_compare(command, NS_COMMAND_VALIDATION)) {
 		result = ns_server_validation(ns_g_server, command);
+	} else if (command_compare(command, NS_COMMAND_SCAN)) {
+		result = ns_server_scan_interfaces(ns_g_server);
 	} else if (command_compare(command, NS_COMMAND_SIGN) ||
 		   command_compare(command, NS_COMMAND_LOADKEYS)) {
 		result = ns_server_rekey(ns_g_server, command);
diff --git a/bin/named/include/named/control.h b/bin/named/include/named/control.h
index 042062a..2516012 100644
--- a/bin/named/include/named/control.h
+++ b/bin/named/include/named/control.h
@@ -58,6 +58,7 @@
 #define NS_COMMAND_NULL		"null"
 #define NS_COMMAND_NOTIFY	"notify"
 #define NS_COMMAND_VALIDATION	"validation"
+#define NS_COMMAND_SCAN 	"scan"
 #define NS_COMMAND_SIGN 	"sign"
 #define NS_COMMAND_LOADKEYS 	"loadkeys"
 #define NS_COMMAND_ADDZONE	"addzone"
diff --git a/bin/named/include/named/server.h b/bin/named/include/named/server.h
index 2f28942..c8f7eed 100644
--- a/bin/named/include/named/server.h
+++ b/bin/named/include/named/server.h
@@ -323,6 +323,12 @@ isc_result_t
 ns_server_validation(ns_server_t *server, char *args);
 
 /*%
+ * Scan available network interfaces for changes.
+ */
+isc_result_t
+ns_server_scan_interfaces(ns_server_t *server);
+
+/*%
  * Add a zone to a running process
  */
 isc_result_t
diff --git a/bin/named/server.c b/bin/named/server.c
index ec545fc..06538d4 100644
--- a/bin/named/server.c
+++ b/bin/named/server.c
@@ -6651,6 +6651,21 @@ ns_smf_add_message(isc_buffer_t *text) {
 #endif /* HAVE_LIBSCF */
 
 /*
+ * Act on a "scan" command from the command channel.
+ */
+isc_result_t
+ns_server_scan_interfaces(ns_server_t *server) {
+	isc_result_t result;
+
+	result = isc_task_beginexclusive(server->task);
+	RUNTIME_CHECK(result == ISC_R_SUCCESS);
+	scan_interfaces(server, ISC_TRUE);
+	isc_task_endexclusive(server->task);
+
+	return (ISC_R_SUCCESS);
+}
+
+/*
  * Act on an "addzone" command from the command channel.
  */
 isc_result_t
diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c
index 74ecf8f..6dce4a0 100644
--- a/bin/rndc/rndc.c
+++ b/bin/rndc/rndc.c
@@ -142,6 +142,7 @@ command is one of the following:\n\
   recursing	Dump the queries that are currently recursing (named.recursing)\n\
   validation newstate [view]\n\
 		Enable / disable DNSSEC validation.\n\
+  scan		Scan available network interfaces for changes.\n\
   *restart	Restart the server.\n\
   addzone [\"file\"] zone [class [view]] { zone-options }\n\
 		Add zone to given view. Requires new-zone-file option.\n\
diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml
index d902382..f990570 100644
--- a/doc/arm/Bv9ARM-book.xml
+++ b/doc/arm/Bv9ARM-book.xml
@@ -1461,6 +1461,18 @@ zone "eng.example.com" {
                   </varlistentry>
 
                   <varlistentry>
+                    <term><userinput>scan</userinput></term>
+                    <listitem>
+                      <para>
+                        Scan the list of available network interfaces
+                        for changes, without performing a full
+                        <command>reconfig</command> or waiting for the
+                        <command>interface-interval</command> timer.
+                      </para>
+                    </listitem>
+                  </varlistentry>
+
+                  <varlistentry>
                     <term><userinput>addzone
                         <replaceable>zone</replaceable>
                         <optional><replaceable>class</replaceable>

More information about the bind-workers mailing list