Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 28 Sep 2017 10:20:47 -0400
From:      Christopher Sean Hilton <chris@vindaloo.com>
To:        Dimitry Andric <dim@FreeBSD.org>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: Bind9 + TCP_FASTOPEN => no rndc
Message-ID:  <20170928142047.dgzji5mdic632u7w@csh-desktop-vm00.loopone.com>
In-Reply-To: <5CF82983-FDA1-4F83-9D47-D36845A12B97@FreeBSD.org>
References:  <20170927173525.bspia3tpcu35yng3@kessel.vindaloo.com> <5CF82983-FDA1-4F83-9D47-D36845A12B97@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, Sep 27, 2017 at 09:17:29PM +0000, Dimitry Andric wrote:
> On 27 Sep 2017, at 19:35, Christopher Sean Hilton <chris@vindaloo.com> wrote:
> > 
> > I'm trying to configure bind 9.11 as a nameserver on FreeBSD
> > 11-STABLE. When the bind9 port compile it enables TCP_FASTOPEN but the
> > changes haven't yet been baked into the GENERIC Kernel. I can't find a
> > way to disable the use of TCP_FASTOPEN in bind at startup. Is the only
> > way to fix this problem to build a new kernel with TCP_FASTOPEN
> > enabled?
> 
> It looks like bind enables use of TCP_FASTOPEN whenever its configure
> script finds the define in the system headers.  But it does not check
> whether the functionality actually works with setsockopt.
> 
> In any case, the message is harmless noise, as any errors are ignored:
> 
> #if defined(ISC_PLATFORM_HAVETFO) && defined(TCP_FASTOPEN)
> #ifdef __APPLE__
>         backlog = 1;
> #else
>         backlog = backlog / 2;
>         if (backlog == 0)
>                 backlog = 1;
> #endif
>         if (setsockopt(sock->fd, IPPROTO_TCP, TCP_FASTOPEN,
>                        (void *)&backlog, sizeof(backlog)) < 0) {
>                 isc__strerror(errno, strbuf, sizeof(strbuf));
>                 UNEXPECTED_ERROR(__FILE__, __LINE__,
>                                  "setsockopt(%d, TCP_FASTOPEN) failed with %s",
>                                  sock->fd, strbuf);
>                 /* TCP_FASTOPEN is experimental so ignore failures */
>         }
> #endif
> 

Great,

I assumed that the FASTOPEN failure was related to the inablity to
open the rndc socket. I'll have to debug the rndc socket seperately.


Thanks for help!

-- Chris

-- 
Chris

      __o          "All I was trying to do was get home from work."
    _`\<,_           -Rosa Parks
___(*)/_(*)____.___o____..___..o...________ooO..._____________________
Christopher Sean Hilton                    [chris/at/vindaloo/dot/com]

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170928142047.dgzji5mdic632u7w>