VeloCloud

  • 1.  Fine tune alerts -> DNS_CACHE_LIMIT_REACHED

    Posted Mar 25, 2024 06:55 AM

    Hi,

    What are the settings to be configured on the edge profile for the DNS cache? Is there a best practice for the DNS configuration?

    Most users are using the public DNS. Any way we can fine-tune the settings?

    Thanks,

     



  • 2.  RE: Fine tune alerts -> DNS_CACHE_LIMIT_REACHED

    Broadcom Employee
    Posted Nov 26, 2024 01:31 AM

    Hi leangf2018_cb,

    Apologies, this community was dormant until now.


    Unfortunately, we cannot fine-tune the DNS cache limit alert.

    In environments with many active applications, the Edge DNS cache can become full and cause an alert every 10 minutes that DNS entries have been missed. Clearing the Edge DNS cache will temporarily relieve the issue.

    In general, there will be 2 types of entries in the IP DNS cache file:
    DNS-based (snooped) entries, whose lifetime depends on the DNS response, and entries the Edge learnt via DPI.
     

    DPI entries usually had a lifetime of 1 day but get refreshed when reused.

    While we can't fine-tune the alert, we have made some enhancements to the Edge code to better handle the DNS cache.

    When the cache is full, the Edge will now reclaim the least recently used entry, as long as the entry hasn't been used in the last 5 minutes, to allow room for the new incoming entry.
    DNS cache logic is enhanced in Edge versions:
    452 VCE 20240125 RU4, 5.0.1.6, 5.1.1.0, 5.2.2.0, 5.2.3.0, 6.0.0.0, 4.5.3, 5.4.1.0

    Refer to release notes: https://docs.vmware.com/en/VMware-SASE/5.2.2/rn/vmware-sase-522-release-notes/index.html

    Issue: 126520 



    ------------------------------
    Regards,
    Ameya Oke
    Client Services Consultant | Software Defined Edge
    Broadcom

    ameya.oke@broadcom.com | broadcom.com
    ------------------------------
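
The reclaim rule described in the reply above, as an added Python model that is not Broadcom's Edge code: a full cache evicts its least recently used entry only when that entry has been idle for 5 minutes, otherwise the new entry is missed. The class name, capacity, return strings and hostnames are assumptions made for illustration; the thread does not give the real cache size or internals.

```python
from collections import OrderedDict

IDLE_GUARD_SECONDS = 5 * 60  # from the post: reclaim only if unused for 5 minutes


class DnsCacheModel:
    """Toy fixed-size cache with guarded LRU reclaim (hypothetical model)."""

    def __init__(self, capacity, idle_guard=IDLE_GUARD_SECONDS):
        self.capacity = capacity
        self.idle_guard = idle_guard
        self.entries = OrderedDict()  # key -> last-used time, oldest first
        self.missed = 0  # inserts dropped because nothing was reclaimable

    def insert(self, key, now):
        """Return 'hit', 'stored', 'reclaimed:<key>' or 'missed'."""
        if key in self.entries:
            self.entries[key] = now          # reuse refreshes the entry
            self.entries.move_to_end(key)
            return "hit"
        if len(self.entries) < self.capacity:
            self.entries[key] = now
            return "stored"
        lru_key, last_used = next(iter(self.entries.items()))
        if now - last_used >= self.idle_guard:
            del self.entries[lru_key]        # LRU entry is idle: make room
            self.entries[key] = now
            return f"reclaimed:{lru_key}"
        self.missed += 1                     # every entry is still in active use
        return "missed"


def demo():
    """Constructed sequence of (hostname, seconds) lookups on a 2-entry cache."""
    cache = DnsCacheModel(capacity=2)
    results = [
        cache.insert("a.example", 0),
        cache.insert("b.example", 10),
        cache.insert("c.example", 60),    # full, LRU idle only 60 s
        cache.insert("a.example", 200),   # refreshes a; b becomes LRU
        cache.insert("c.example", 400),   # b idle 390 s, so it is reclaimed
    ]
    return results, cache.missed


if __name__ == "__main__":
    print(demo())
```

In this model, misses continue whenever every cached entry has been used within the guard window, which matches the reply's point that busy environments with many active applications are the ones that fill the cache.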



  • 3.  RE: Fine tune alerts -> DNS_CACHE_LIMIT_REACHED

    Posted Nov 26, 2024 07:41 AM

    We used to see the DNS cache limit log message on almost all of our VCEs.  Since upgrading from 4.5.1/4.5.2 to 5.2.3.2 the messages all disappeared.  I think the release notes made mention of this issue in a fixed version.

    Chuck



    ------------------------------
    Chuck Church
    Network Architect, CCIE #8776
    Michelin Tire
    Greenville, SC USA
    ------------------------------