[PR #2487] [MERGED] Add resolver/recursor configuration to avoid udp ports #3081

New issue

Closed

opened 2026-03-16 11:24:13 +03:00 by kerem · 0 comments

kerem commented

2026-03-16 11:24:13 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/hickory-dns/hickory-dns/pull/2487
Author: @divergentdave
Created: 10/1/2024
Status: ✅ Merged
Merged: 10/4/2024
Merged by: @djc

Base: main ← Head: david/avoid-udp-ports

📝 Commits (6)

12db441 Update documentation and comments
ecd4956 Add builder for UdpClientStream
3da1cd7 Use new builder
63b1cb8 Remove existing constructors
1579cd4 Add avoid_local_port option to UDP client stream
445eeee Add avoid_local_udp_ports to recursor config

📊 Changes

17 files changed (+184 additions, -163 deletions)

View changed files

📝 bin/benches/comparison_benches.rs (+4 -4)
📝 bin/tests/integration/named_tests.rs (+2 -2)
📝 crates/client/src/udp/udp_client_connection.rs (+5 -7)
📝 crates/proto/src/tests/udp.rs (+4 -1)
📝 crates/proto/src/udp/udp_client_stream.rs (+76 -103)
📝 crates/proto/src/udp/udp_stream.rs (+48 -20)
📝 crates/recursor/src/recursor.rs (+12 -1)
📝 crates/recursor/src/recursor_dns_handle.rs (+9 -5)
📝 crates/resolver/Cargo.toml (+1 -1)
📝 crates/resolver/src/config.rs (+5 -3)
📝 crates/resolver/src/name_server/connection_provider.rs (+4 -6)
📝 crates/server/src/store/recursor/authority.rs (+1 -0)
📝 crates/server/src/store/recursor/config.rs (+5 -0)
📝 tests/integration-tests/tests/integration/client_future_tests.rs (+5 -7)
📝 tests/integration-tests/tests/integration/dnssec_client_handle_tests.rs (+1 -1)
📝 tests/integration-tests/tests/integration/truncation_tests.rs (+1 -1)
📝 util/src/bin/dns.rs (+1 -1)

📄 Description

This addresses #1722 for UDP sockets by adding configuration options to avoid binding to a list of local UDP ports. I added a builder for UdpClientStream to clean up the existing constructors, and add the ability to pass on this new configuration. (note that two of the existing constructors were identical save for argument order) I put the list of ports to avoid in an Arc from ResolverOpts and onward, to avoid cloning HashSets after startup.

I manually tested this by adding a bias to the random port selection and extra logging statements, and confirming that the new rejection sampling loop kicked in.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/hickory-dns/hickory-dns/pull/2487 **Author:** [@divergentdave](https://github.com/divergentdave) **Created:** 10/1/2024 **Status:** ✅ Merged **Merged:** 10/4/2024 **Merged by:** [@djc](https://github.com/djc) **Base:** `main` ← **Head:** `david/avoid-udp-ports` --- ### 📝 Commits (6) - [`12db441`](https://github.com/hickory-dns/hickory-dns/commit/12db441b2431143622e1dff6a59d3fbd056a6b6e) Update documentation and comments - [`ecd4956`](https://github.com/hickory-dns/hickory-dns/commit/ecd4956017d4af7716a8c9e3bca5f811a2eb014f) Add builder for UdpClientStream - [`3da1cd7`](https://github.com/hickory-dns/hickory-dns/commit/3da1cd7a46983b1b93a1711b389b44d235ad67b0) Use new builder - [`63b1cb8`](https://github.com/hickory-dns/hickory-dns/commit/63b1cb8095d728ce87f4b7205d0315367d9a0992) Remove existing constructors - [`1579cd4`](https://github.com/hickory-dns/hickory-dns/commit/1579cd41653ebbc8982f972abcd21bafdcc94d5e) Add avoid_local_port option to UDP client stream - [`445eeee`](https://github.com/hickory-dns/hickory-dns/commit/445eeee4f77f91dc5a139cd6b64c1e691139d95c) Add avoid_local_udp_ports to recursor config ### 📊 Changes **17 files changed** (+184 additions, -163 deletions) <details> <summary>View changed files</summary> 📝 `bin/benches/comparison_benches.rs` (+4 -4) 📝 `bin/tests/integration/named_tests.rs` (+2 -2) 📝 `crates/client/src/udp/udp_client_connection.rs` (+5 -7) 📝 `crates/proto/src/tests/udp.rs` (+4 -1) 📝 `crates/proto/src/udp/udp_client_stream.rs` (+76 -103) 📝 `crates/proto/src/udp/udp_stream.rs` (+48 -20) 📝 `crates/recursor/src/recursor.rs` (+12 -1) 📝 `crates/recursor/src/recursor_dns_handle.rs` (+9 -5) 📝 `crates/resolver/Cargo.toml` (+1 -1) 📝 `crates/resolver/src/config.rs` (+5 -3) 📝 `crates/resolver/src/name_server/connection_provider.rs` (+4 -6) 📝 `crates/server/src/store/recursor/authority.rs` (+1 -0) 📝 `crates/server/src/store/recursor/config.rs` (+5 -0) 📝 `tests/integration-tests/tests/integration/client_future_tests.rs` (+5 -7) 📝 `tests/integration-tests/tests/integration/dnssec_client_handle_tests.rs` (+1 -1) 📝 `tests/integration-tests/tests/integration/truncation_tests.rs` (+1 -1) 📝 `util/src/bin/dns.rs` (+1 -1) </details> ### 📄 Description This addresses #1722 for UDP sockets by adding configuration options to avoid binding to a list of local UDP ports. I added a builder for `UdpClientStream` to clean up the existing constructors, and add the ability to pass on this new configuration. (note that two of the existing constructors were identical save for argument order) I put the list of ports to avoid in an `Arc` from `ResolverOpts` and onward, to avoid cloning `HashSet`s after startup. I manually tested this by adding a bias to the random port selection and extra logging statements, and confirming that the new rejection sampling loop kicked in. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>