DNS Resolution
Many Envoy components resolve DNS: different cluster types (
strict dns,
logical dns);
the dynamic forward proxy system (which is
composed of a cluster and a filter);
the udp dns filter, etc.
Envoy uses c-ares as a third party DNS resolution library.
On Apple OSes Envoy additionally offers resolution using Apple specific APIs via the
envoy.restart_features.use_apple_api_for_dns_lookups
runtime feature.
Envoy provides DNS resolution through extensions, and contains 3 built-in extensions:
c-ares: CaresDnsResolverConfig
Apple (iOS/macOS only): AppleDnsResolverConfig
getaddrinfo: GetAddrInfoDnsResolverConfig
For an example of a built-in DNS typed configuration see the HTTP filter configuration documentation.
The c-ares based DNS Resolver emits the following stats rooted in the dns.cares
stats tree:
Name
Type
Description
resolve_total
Count
Number of DNS queries
pending_resolutions
Gauge
Number of pending DNS queries
not_found
Counter
Number of DNS queries that returned NXDOMAIN or NODATA response
timeout
Counter
Number of DNS queries that resulted in timeout
get_addr_failure
Counter
Number of general failures during DNS quries
The Apple-based DNS Resolver emits the following stats rooted in the dns.apple
stats tree:
Name
Type
Description
connection_failure
Counter
Number of failed attempts to connect to the DNS server
get_addr_failure
Counter
Number of general failures when calling GetAddrInfo API
network_failure
Counter
Number of failures due to network connectivity
processing_failure
Counter
Number of failures when processing data from the DNS server
socket_failure
Counter
Number of failed attempts to obtain a file descriptor to the socket to the DNS server
timeout
Counter
Number of queries that resulted in a timeout