From b7e36b165af9f4fdce48752212532555d63e3961 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Bernier?= Date: Fri, 25 Apr 2025 10:29:49 -0400 Subject: [PATCH] Prevent continuous connection rebuilding in custom upstreams This commit fixes a critical performance issue with custom encrypted DNS upstreams configured for persistent clients. The bug caused connections to be unnecessarily closed and rebuilt on every DNS request, making custom DoH/DoT/DoQ upstreams 4-5 times slower than global upstreams. The root cause was that after rebuilding a client's upstream connection, the timestamp (commonConfUpdate) used for detecting configuration changes was never updated. This resulted in an endless cycle of detecting "changes" and rebuilding connections on every request, particularly impacting encryption protocols with expensive connection establishment. This PR updates the client's configuration timestamp after rebuilding the connection in upstreamManager.customUpstreamConfig(). Fixes: #7739, #7769 --- internal/client/upstreammanager.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/client/upstreammanager.go b/internal/client/upstreammanager.go index b804dbdcf92..37324a273cf 100644 --- a/internal/client/upstreammanager.go +++ b/internal/client/upstreammanager.go @@ -139,6 +139,7 @@ func (m *upstreamManager) customUpstreamConfig(uid UID) (proxyConf *proxy.Custom proxyConf = newCustomUpstreamConfig(cliConf, m.commonConf) cliConf.proxyConf = proxyConf cliConf.isChanged = false + cliConf.commonConfUpdate = m.confUpdate return proxyConf }