DNS Cache and Proxy Enhancements

2023-10-21 08:06:42
Tags: #DNS Cache
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.1.4

Hi Team,

 

Is it possible to include the following enhancements for DNS Cache and DNS Proxy in future releases:

1. Accept min & max_ttl values for DNS Cache to cache only the entries > min_ttl and < max_ttl. Currently, it just overrides the max ttl.

2. Is it possible to keep track of cache hits and implement an auto-refresh mechanism for the most-hit cache entries (let's say Google, CDN etc., hit more than 5 times)? This can be done behind the scenes by fetching them from upstream DNS servers before the expiry (for the set TTL thresholds). This can improve the overall network performance.

3. Support IPv6 configurations for DNS Proxy -> DNSSEC, DoH, DoT.

 

Thanks,

VNan.

#1
Re:DNS Cache and Proxy Enhancements
2023-10-24 01:10:04

Hi @vnan1829 

Thanks for posting in our business forum.

I often see them in third-party DNS servers like Pi-hole or AdGuard. I am not sure if there will be new features like these implemented in the DNS cache.

Why would you need to override the min TTL? Is there a reason for it? If you use the DNS cache, then you probably prefer retaining the DNS entries for a longer period of time to have a better experience of surfing the Internet. What is min TTL set for? It records and resolves once and saves it for that period of time. What does it mean for DNS Cache to cache only the entries > min_ttl and < max_ttl?

As far as I know, if you need to monitor your traffic, that'll be DPI. I know that a third-party DNS server can do this. But I don't think it would be implemented, as it is more likely to be a duplicate feature of DPI. DPI will gradually be implemented on the Omada devices if their hardware is capable.

 

Most of the Omada devices are not IPv6 ready. Some features support IPv6 but not all of them. Features now implemented are more v6-oriented. This probably will be sync-update when more IPv6 features are coming out.

 

Will feedback on what you have posted.

Best Regards!
#2
Re:DNS Cache and Proxy Enhancements
2023-10-24 03:54:35 - last edited 2023-10-24 04:01:05

  @Clive_A 

 

Thank you for looking into my request. I understood Omada's intent to override the TTL set by the upstream. However, blindly overriding the TTL value with a higher value can lead to issues such as cache poisoning or invalid cache entries which may prevent us from going to the respective website unless we clear the cache. We can fix this by respecting the TTL set by upstream and only caching those entries that are cacheable. For example, if the upstream says the TTL is 60 secs, that kind of entry need not be cached unless it is overridden by your default implementation; however, it may lead to the issues I mentioned above (invalid cache). So with min cache ttl, we can safely cache entries that our upstream deems to be valid. For example, if the upstream gave us the TTL of 300 (5 mins), we can choose to not cache anything below 5 mins, thus saving ourselves from unnecessary cache or related lookup times for such short-lived entries.

 

Alternatively, we can use max_ttl to enforce when to refresh the cache. If the upstream sets the TTL as 864000 (10 days), you can set a max_ttl of 86400 to clear the cache every day.

 

I would appreciate it if the IPv6 implementation could be fast-tracked.

#3
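The min_ttl / max_ttl policy discussed in this thread, together with the hit-count refresh from the first post, as an added Python example (not TP-Link or Omada code, and not written by any poster). The class, its parameter names, the 30-second refresh window and the sample records are assumptions made for illustration.

```python
import time
from dataclasses import dataclass

# Constructed sample upstream answers: name -> (address, TTL in seconds).
SAMPLE_UPSTREAM = {
    "short.example.test": ("192.0.2.10", 60),
    "normal.example.test": ("192.0.2.20", 300),
    "long.example.test": ("192.0.2.30", 864000),
}

@dataclass
class Entry:
    address: str
    expires_at: float
    hits: int = 0

class TtlBoundedCache:
    """Hypothetical cache: skip TTLs below min_ttl, cap TTLs at max_ttl."""
    def __init__(self, resolve, min_ttl=300, max_ttl=86400,
                 hot_hits=5, refresh_window=30, clock=time.monotonic):
        self.resolve = resolve  # callable: name -> (address, upstream_ttl)
        self.min_ttl, self.max_ttl = min_ttl, max_ttl
        self.hot_hits, self.refresh_window = hot_hits, refresh_window
        self.clock, self.entries = clock, {}

    def _store(self, name):
        address, ttl = self.resolve(name)
        if ttl >= self.min_ttl:
            # Never extend the upstream TTL; only cap it at max_ttl.
            self.entries[name] = Entry(address, self.clock() + min(ttl, self.max_ttl))
        else:
            self.entries.pop(name, None)  # short-lived: answer, do not cache
        return address

    def lookup(self, name):
        entry = self.entries.get(name)
        if entry and self.clock() < entry.expires_at:
            entry.hits += 1
            return entry.address, "hit"
        return self._store(name), "miss"

    def refresh_hot(self):
        """Re-resolve entries with more than hot_hits hits that expire soon."""
        now = self.clock()
        due = [n for n, e in self.entries.items() if e.hits > self.hot_hits
               and e.expires_at - now <= self.refresh_window]
        for name in due:
            self._store(name)  # new Entry, so the hit counter restarts
        return due
```

Because a stored lifetime is never longer than what upstream returned, a stale or poisoned answer cannot outlive its own TTL or max_ttl, whichever is shorter.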