Introduction
This document describes the Domain Name System (DNS) cache mechanism in Session Management Function (SMF) and how to troubleshoot it.
How DNS Cache Works
When SMF performs a DNS query, the answer from the DNS server is cached in the internal database. One example is the Fully Qualified Domain Name (FQDN) for the Proxy Call Session Control Function (P-CSCF) address: when the subscriber requests the P-CSCF Extended Protocol Configuration Option (PCO) and SMF has a P-CSCF FQDN configured, a DNS query is sent and the answer is saved in the cache.
A sample P-CSCF profile and dns-proxy configuration:
profile pcscf pcscf1
 fqdn pcscf6.test.local
 v6-list
  precedence 1
   primary fe80::1
  exit
 exit
exit
profile dns-proxy
 query-type ipv6
 timeout 2000
 round-robin-answers
 servers serv1
  ip 192.168.20.11
  port 53
  protocol udp
  priority 1
 exit
exit
With this configuration, SMF first tries to resolve the FQDN pcscf6.test.local with the DNS server and saves the answer in the cache. The static P-CSCF address (fec0::1) is used only when DNS resolution fails. On subsequent requests, SMF checks the cache first; if the host name is found, the cached answer is used and no DNS query is sent. The cache entry expires based on the Time to Live (TTL) set by the SMF configuration or the value from the DNS server.
Troubleshoot
Investigate the cache when there is an issue with DNS resolution. For example, if SMF returns an unexpected IP address for P-CSCF, an old entry potentially remains in the cache, either because of a wrong TTL value or because the TTL expiration mechanism does not work for some reason.
The cached entries can be seen with the show dns-cache CLI.
[unknown] smf# show dns-cache ipv6
dns-cache-details
{
  "cacheResponse": [
    {
      "hostname": "pcscfv6.test.local",
      "hostdata": [
        {
          "podInstance": "0",
          "cachedType": "ipv6",
          "cachedTime": "Wed Jan 26 03:32:01 UTC 2022",
          "currentTime": "Wed Jan 26 03:32:03 UTC 2022",
          "cachedData": [
            {
              "ip": "fec0:0:1:2:3:4:fe8b:5d43",
              "ttl": 180
            }
          ],
          "dnsServer": "192.168.20.11:53 udp"
        }
      ]
    }
  ]
}
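The following Python script is an added example, not Cisco code: it parses show dns-cache output and flags entries that have outlived their TTL, which is the stale-entry case described above. The function names are hypothetical, it assumes the ttl field is the full TTL in seconds counted from cachedTime, and the second host in the sample (old.test.local, 2001:db8::10) is constructed for illustration.

```python
import json
from datetime import datetime, timedelta

TIME_FMT = "%a %b %d %H:%M:%S UTC %Y"  # e.g. "Wed Jan 26 03:32:01 UTC 2022"

def audit_dns_cache(cli_output):
    """Return one row per cached address with its remaining lifetime."""
    # The CLI prints a prompt and a "dns-cache-details" header before the JSON.
    body = cli_output[cli_output.index("{"):]
    rows = []
    for entry in json.loads(body).get("cacheResponse", []):
        for host in entry.get("hostdata", []):
            cached = datetime.strptime(host["cachedTime"], TIME_FMT)
            now = datetime.strptime(host["currentTime"], TIME_FMT)
            for rec in host.get("cachedData", []):
                # Assumption: ttl is the full TTL in seconds from cachedTime.
                expires = cached + timedelta(seconds=rec["ttl"])
                remaining = int((expires - now).total_seconds())
                rows.append({
                    "hostname": entry["hostname"], "pod": host["podInstance"],
                    "ip": rec["ip"], "server": host["dnsServer"],
                    "remaining_s": remaining, "stale": remaining < 0,
                })
    return rows

def stale_entries(cli_output):
    """Entries still cached although cachedTime + ttl is already in the past."""
    return [r for r in audit_dns_cache(cli_output) if r["stale"]]

# Constructed sample: first host mirrors the output above, second is made up.
SAMPLE = """dns-cache-details
{"cacheResponse": [
 {"hostname": "pcscfv6.test.local", "hostdata": [
  {"podInstance": "0", "cachedType": "ipv6",
   "cachedTime": "Wed Jan 26 03:32:01 UTC 2022",
   "currentTime": "Wed Jan 26 03:32:03 UTC 2022",
   "cachedData": [{"ip": "fec0:0:1:2:3:4:fe8b:5d43", "ttl": 180}],
   "dnsServer": "192.168.20.11:53 udp"}]},
 {"hostname": "old.test.local", "hostdata": [
  {"podInstance": "0", "cachedType": "ipv6",
   "cachedTime": "Wed Jan 26 03:20:00 UTC 2022",
   "currentTime": "Wed Jan 26 03:32:03 UTC 2022",
   "cachedData": [{"ip": "2001:db8::10", "ttl": 180}],
   "dnsServer": "192.168.20.11:53 udp"}]}
]}"""

if __name__ == "__main__":
    for r in audit_dns_cache(SAMPLE):
        print(r["hostname"], r["ip"], r["remaining_s"], "STALE" if r["stale"] else "ok")
```

An entry reported as stale that is still returned to subscribers points at the TTL expiration mechanism; an entry with a very large remaining lifetime points at the TTL value itself.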
DNS resolution can be tested with the test dns-query CLI.
[unknown] smf# test dns-query fqdn pcscfv6.test.local
dns-summary
Hostname : pcscfv6.test.local,
IPv4Addr : [],
IPv6Addr : [fe80:0:1:2:3:4:fe8b:5d43]
The CLI is implemented via Cisco bug ID CSCvz13118. If an old SMF build is used and the CLI is not available, the cache entries can be dumped on the etcd pod with the etcdctl command.
[root@master1 ~]# kubectl get pod -n smf-data | grep etcd
etcd-smf-data-etcd-cluster-0 2/2 Running 2 23h
[root@master1 ~]# kubectl exec -it etcd-smf-data-etcd-cluster-0 -n smf-data bash
Defaulting container name to member.
Use 'kubectl describe pod/etcd-smf-data-etcd-cluster-0 -n smf-data' to see all of the containers in this pod.
groups: cannot find name for group ID 303
I have no name!@etcd-smf-data-etcd-cluster-0:/usr/local/bin$
I have no name!@etcd-smf-data-etcd-cluster-0:/usr/local/bin$ etcdctl get --prefix C.RadiusDNS
C.RadiusDNS/DNS/CacheV6.pcscfv6.test.local
fe80:0:1:2:3:4:fe8b:5d43
180
C.RadiusDNS/DNS/Common.algorithm
round-robin
C.RadiusDNS/DNS/Common.queryType
ipv6