DNStap collector: add option to increase SO_RCVBUF

collectors/dnstap.go

@@ -3,6 +3,7 @@ package collectors
 import (
 	"bufio"
 	"crypto/tls"
+	"io"
 	"net"
 	"os"
 	"strconv"
@@ -13,6 +14,25 @@ import (
 	"github.com/dmachard/go-logger"
 )
 
+// thanks to https://stackoverflow.com/questions/28967701/golang-tcp-socket-cant-close-after-get-file,
+// call conn.CloseRead() before calling conn.Close()
+func Close(conn io.Closer) error {
+	type ReadCloser interface {
+		CloseRead() error
+	}
+	var errs []error
+	if closer, ok := conn.(ReadCloser); ok {
+		errs = append(errs, closer.CloseRead())
+	}
+	errs = append(errs, conn.Close())
+	for _, err := range errs {
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 type Dnstap struct {
 	done     chan bool
 	listen   net.Listener
@@ -22,6 +42,7 @@ type Dnstap struct {
 	config   *dnsutils.Config
 	logger   *logger.Logger
 	name     string
+	connMode string
 }
 
 func NewDnstap(loggers []dnsutils.Worker, config *dnsutils.Config, logger *logger.Logger, name string) *Dnstap {
@@ -57,6 +78,14 @@ func (c *Dnstap) ReadConfig() {
 	}
 
 	c.sockPath = c.config.Collectors.Dnstap.SockPath
+
+	if len(c.config.Collectors.Dnstap.SockPath) > 0 {
+		c.connMode = "unix"
+	} else if c.config.Collectors.Dnstap.TlsSupport {
+		c.connMode = "tls"
+	} else {
+		c.connMode = "tcp"
+	}
 }
 
 func (c *Dnstap) LogInfo(msg string, v ...interface{}) {
@@ -114,7 +143,7 @@ func (c *Dnstap) Stop() {
 	for _, conn := range c.conns {
 		peer := conn.RemoteAddr().String()
 		c.LogInfo("%s - closing connection...", peer)
-		conn.Close()
+		Close(conn)
 	}
 	// Finally close the listener to unblock accept
 	c.LogInfo("stop listening...")
@@ -145,7 +174,6 @@ func (c *Dnstap) Listen() error {
 			c.logger.Fatal("loading certificate failed:", err)
 		}
 
-		// prepare tls configuration
 		tlsConfig := &tls.Config{
 			Certificates: []tls.Certificate{cer},
 			MinVersion:   tls.VersionTLS12,
@@ -159,7 +187,9 @@ func (c *Dnstap) Listen() error {
 		} else {
 			listener, err = tls.Listen(dnsutils.SOCKET_TCP, addrlisten, tlsConfig)
 		}
+
 	} else {
+
 		// basic listening
 		if len(c.sockPath) > 0 {
 			listener, err = net.Listen(dnsutils.SOCKET_UNIX, c.sockPath)
@@ -172,7 +202,7 @@ func (c *Dnstap) Listen() error {
 	if err != nil {
 		return err
 	}
-	c.LogInfo("is listening on %s", listener.Addr())
+	c.LogInfo("is listening on %s://%s", c.connMode, listener.Addr())
 	c.listen = listener
 	return nil
 }
@@ -191,6 +221,21 @@ func (c *Dnstap) Run() {
 			break
 		}
 
+		if (c.connMode == "tls" || c.connMode == "tcp") && c.config.Collectors.Dnstap.RcvBufSize > 0 {
+
+			var is_tls bool
+			if c.config.Collectors.Dnstap.TlsSupport {
+				is_tls = true
+			}
+
+			before, actual, err := SetSock_RCVBUF(conn, c.config.Collectors.Dnstap.RcvBufSize, is_tls)
+			if err != nil {
+				c.logger.Fatal("Unable to set SO_RCVBUF: ", err)
+			}
+			c.LogInfo("set SO_RCVBUF option, value before: %d, desired: %d, actual: %d", before,
+				c.config.Collectors.Dnstap.RcvBufSize, actual)
+		}
+
 		c.conns = append(c.conns, conn)
 		go c.HandleConn(conn)
 	}

collectors/dnstap_processor.go

@@ -128,10 +128,9 @@ func (d *DnstapProcessor) Run(sendTo []chan dnsutils.DnsMessage) {
 			dm.DnsTap.Identity = string(identity)
 		}
 		version := dt.GetVersion()
-		if len(identity) > 0 {
+		if len(version) > 0 {
 			dm.DnsTap.Version = string(version)
 		}
-
 		dm.DnsTap.Operation = dt.GetMessage().GetType().String()
 		dm.NetworkInfo.Family = dt.GetMessage().GetSocketFamily().String()
 		dm.NetworkInfo.Protocol = dt.GetMessage().GetSocketProtocol().String()

collectors/setsock.go

@@ -0,0 +1,43 @@
+//go:build linux || darwin
+// +build linux darwin
+
+package collectors
+
+import (
+	"crypto/tls"
+	"net"
+	"os"
+	"syscall"
+)
+
+// Configure SO_RCVBUF, thanks to https://github.com/dmachard/go-dns-collector/issues/61#issuecomment-1201199895
+func SetSock_RCVBUF(conn net.Conn, desired int, is_tls bool) (int, int, error) {
+	var file *os.File
+	var err error
+	if is_tls {
+		tlsConn := conn.(*tls.Conn).NetConn()
+		file, err = tlsConn.(*net.TCPConn).File()
+		if err != nil {
+			return 0, 0, err
+		}
+	} else {
+		file, err = conn.(*net.TCPConn).File()
+		if err != nil {
+			return 0, 0, err
+		}
+	}
+
+	// get the before value
+	before, err := syscall.GetsockoptInt(int(file.Fd()), syscall.SOL_SOCKET, syscall.SO_RCVBUF)
+	if err != nil {
+		return 0, 0, err
+	}
+
+	// set the new one and check the new actual value
+	syscall.SetsockoptInt(int(file.Fd()), syscall.SOL_SOCKET, syscall.SO_RCVBUF, desired)
+	actual, err := syscall.GetsockoptInt(int(file.Fd()), syscall.SOL_SOCKET, syscall.SO_RCVBUF)
+	if err != nil {
+		return 0, 0, err
+	}
+	return before, actual, nil
+}

collectors/setsock_windows.go

@@ -0,0 +1,44 @@
+//go:build windows
+// +build windows
+
+package collectors
+
+import (
+	"crypto/tls"
+	"net"
+	"os"
+
+	"golang.org/x/sys/windows"
+)
+
+// Configure SO_RCVBUF, thanks to https://github.com/dmachard/go-dns-collector/issues/61#issuecomment-1201199895
+func SetSock_RCVBUF(conn net.Conn, desired int, is_tls bool) (int, int, error) {
+	var file *os.File
+	var err error
+	if is_tls {
+		tlsConn := conn.(*tls.Conn).NetConn()
+		file, err = tlsConn.(*net.TCPConn).File()
+		if err != nil {
+			return 0, 0, err
+		}
+	} else {
+		file, err = conn.(*net.TCPConn).File()
+		if err != nil {
+			return 0, 0, err
+		}
+	}
+
+	// get the before value
+	before, err := windows.GetsockoptInt(windows.Handle(file.Fd()), windows.SOL_SOCKET, windows.SO_RCVBUF)
+	if err != nil {
+		return 0, 0, err
+	}
+
+	// set the new one and check the new actual value
+	windows.SetsockoptInt(windows.Handle(file.Fd()), windows.SOL_SOCKET, windows.SO_RCVBUF, desired)
+	actual, err := windows.GetsockoptInt(windows.Handle(file.Fd()), windows.SOL_SOCKET, windows.SO_RCVBUF)
+	if err != nil {
+		return 0, 0, err
+	}
+	return before, actual, nil
+}

config.yml

@@ -100,6 +100,8 @@ multiplexer:
 #   cache-support: false
 #   # Ttl in second, max time to keep the query record in memory cache
 #   query-timeout: 5
+#   # Sets the socket receive buffer in bytes SO_RCVBUF, set to zero to use the default system value
+#   sock-rcvbuf: 0
 
 # # dnstap proxifier with no protobuf decoding.
 # dnstap-proxifier:

dnsutils/config.go

@@ -154,6 +154,7 @@ type Config struct {
 			KeyFile       string `yaml:"key-file"`
 			CacheSupport  bool   `yaml:"cache-support"`
 			QueryTimeout  int    `yaml:"query-timeout"`
+			RcvBufSize    int    `yaml:"sock-rcvbuf"`
 		} `yaml:"dnstap"`
 		DnstapProxifier struct {
 			Enable        bool   `yaml:"enable"`
@@ -386,6 +387,7 @@ func (c *Config) SetDefault() {
 	c.Collectors.Dnstap.KeyFile = ""
 	c.Collectors.Dnstap.QueryTimeout = 5
 	c.Collectors.Dnstap.CacheSupport = false
+	c.Collectors.Dnstap.RcvBufSize = 0
 
 	c.Collectors.DnstapProxifier.Enable = false
 	c.Collectors.DnstapProxifier.ListenIP = ANY_IP

doc/collectors.md

@@ -25,6 +25,7 @@ Options:
 - `key-file`: (string) private key server file
 - `cache-support`: (boolean) disable or enable the cache dns, this feature can be enabled if your dns server doesn't add the latency
 - `query-timeout`: (integer) in second, max time to keep the query record in memory
+- `sock-rcvbuf`: (integer) sets the socket receive buffer in bytes SO_RCVBUF, set to zero to use the default system value
 
 Default values:
 
@@ -39,6 +40,7 @@ dnstap:
   key-file: ""
   cache-support: false
   query-timeout: 5.0
+  sock-rcvbuf: 0
 ```
 
 ### DNS tap Proxifier