Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
COREDNS-CACHE(7)		CoreDNS	Plugins		      COREDNS-CACHE(7)

NAME
       cache - enables a frontend cache.

DESCRIPTION
       With  cache  enabled,  all  records  except zone	transfers and metadata
       records will be cached for up to	3600s. Caching is mostly useful	 in  a
       scenario	when fetching data from	the backend (upstream, database, etc.)
       is expensive.

       Cache  will  change  the	 query	to enable DNSSEC (DNSSEC OK; DO) if it
       passes through the plugin. If the  client  didn't  request  any	DNSSEC
       (records), these	are filtered out when replying.

       This plugin can only be used once per Server Block.

SYNTAX
	      cache [TTL] [ZONES...]

          TTL	max  TTL in seconds. If	not specified, the maximum TTL will be
	   used, which is 3600 for NOERROR responses and 1800  for  denial  of
	   existence  ones.   Setting  a  TTL  of  300:	 cache 300 would cache
	   records up to 300 seconds.

          ZONES zones it should cache for. If empty, the zones	from the  con-
	   figuration block are	used.

       Each  element  in the cache is cached according to its TTL (with	TTL as
       the max).  A cache is divided into 256 shards, each holding  up	to  39
       items by	default	- for a	total size of 256 * 39 = 9984 items.

       If you want more	control:

	      cache [TTL] [ZONES...] {
		  success CAPACITY [TTL] [MINTTL]
		  denial CAPACITY [TTL]	[MINTTL]
		  prefetch AMOUNT [[DURATION] [PERCENTAGE%]]
		  serve_stale [DURATION]
	      }

          TTL	and ZONES as above.

          success,  override  the  settings for caching successful responses.
	   CAPACITY indicates the maximum number of packets we cache before we
	   start evicting (randomly). TTL overrides  the  cache	 maximum  TTL.
	   MINTTL  overrides  the  cache minimum TTL (default 5), which	can be
	   useful to limit queries to the backend.

          denial, override the	settings for caching denial of	existence  re-
	   sponses.  CAPACITY indicates	the maximum number of packets we cache
	   before we start evicting (LRU). TTL	overrides  the	cache  maximum
	   TTL.	 MINTTL	overrides the cache minimum TTL	(default 5), which can
	   be  useful to limit queries to the backend.	There is a third cate-
	   gory	(error)	but those responses are	never cached.

          prefetch will prefetch popular items	when they are about to be  ex-
	   punged from the cache.  Popular means AMOUNT	queries	have been seen
	   with	 no  gaps of DURATION or more between them.  DURATION defaults
	   to 1m. Prefetching will happen when the TTL drops below PERCENTAGE,
	   which defaults to 10%, or latest 1 second  before  TTL  expiration.
	   Values should be in the range [10%, 90%].  Note the percent sign is
	   mandatory. PERCENTAGE is treated as an int.

          serve_stale,	 when  serve_stale  is set, cache always will serve an
	   expired entry to a client if	there is  one  available.   When  this
	   happens,  cache will	attempt	to refresh the cache entry after send-
	   ing the expired cache entry to the client. The responses have a TTL
	   of 0. DURATION is how far  back  to	consider  stale	 responses  as
	   fresh. The default duration is 1h.

CAPACITY AND EVICTION
       If CAPACITY is not specified, the default cache size is 9984 per	cache.
       The  minimum allowed cache size is 1024.	 If CAPACITY is	specified, the
       actual cache size used will be rounded down to the nearest  number  di-
       visible by 256 (so all shards are equal in size).

       Eviction	 is  done per shard. In	effect,	when a shard reaches capacity,
       items are evicted from that shard.  Since shards	 don't	fill  up  per-
       fectly  evenly,	evictions  will	 occur before the entire cache reaches
       full capacity.  Each shard capacity is equal to the total cache size  /
       number  of  shards  (256).  Eviction is random, not TTL based.  Entries
       with 0 TTL will remain in the cache until  randomly  evicted  when  the
       shard reaches capacity.

METRICS
       If monitoring is	enabled	(via the prometheus plugin) then the following
       metrics are exported:

          coredns_cache_entries{server,  type}	 - Total elements in the cache
	   by cache type.

          coredns_cache_hits_total{server, type} - Counter of cache  hits  by
	   cache type.

          coredns_cache_misses_total{server} -	Counter	of cache misses.

          coredns_cache_prefetch_total{server}	 -  Counter of times the cache
	   has prefetched a cached item.

          coredns_cache_drops_total{server} - Counter of  responses  excluded
	   from	the cache due to request/response question name	mismatch.

          coredns_cache_served_stale_total{server}   -	 Counter  of  requests
	   served from stale cache entries.

       Cache types are either "denial" or "success". Server is the server han-
       dling the request, see the prometheus plugin for	documentation.

EXAMPLES
       Enable caching for all zones, but cap everything	to a TTL  of  10  sec-
       onds:

	      .	{
		  cache	10
		  whoami
	      }

       Proxy to	Google Public DNS and only cache responses for example.org (or
       below).

	      .	{
		  forward . 8.8.8.8:53
		  cache	example.org
	      }

       Enable  caching for example.org,	keep a positive	cache size of 5000 and
       a negative cache	size of	2500:

	      example.org {
		  cache	{
		      success 5000
		      denial 2500
		  }
	      }

CoreDNS				  March	2021		      COREDNS-CACHE(7)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=coredns-cache&sektion=7&manpath=FreeBSD+Ports+14.3.quarterly>

home | help