kong icon indicating copy to clipboard operation
kong copied to clipboard
verified publisher icon Kong

Kong dns requests to dns server decreases

Open howan36 opened this issue 5 months ago • 15 comments

version: kong:3.1.0

for Externalname type services, we just remove ports config like: # ports: # - port: 80, and we found the requests to dns server decreases nearly by half, so what dns mode may cause this happen?

howan36 avatar Jul 23 '25 04:07 howan36

Could you give a full example so we can reproduce it?

spacewander avatar Jul 23 '25 10:07 spacewander

kind: Service apiVersion: v1 metadata: name: service-default-service-default-dev-8080 namespace: kong spec: type: ExternalName externalName: default-service.default-dev ports:

  • port: 8080

like the above config, i remove the last 2 lines

howan36 avatar Jul 23 '25 14:07 howan36

Maybe Kong ingress controller generates different configuration for domain and for domain with port.

spacewander avatar Jul 24 '25 09:07 spacewander

ok thanks for your reply, i guess maybe it's because some dns configurations will be different like dns stale ttl, i will check the KIC code to find if there're some details for it

howan36 avatar Jul 24 '25 14:07 howan36

i saw the configs from admin api like routes, services, targets, upstreams are just same, for 'with ports' and 'no ports' services, so if any other insights for it?

howan36 avatar Jul 29 '25 15:07 howan36

for example, if dns_valid_ttl dns_stale_ttl dns_cache_size, these 3 configurations would be different for them? maybe needs to further investigation

howan36 avatar Jul 29 '25 15:07 howan36

Interesting. For 'with ports' and 'no ports' services, the configurations should be different since the upstream addresses are different...

spacewander avatar Jul 30 '25 03:07 spacewander

i saw there is no port field for upstreams json data.

howan36 avatar Jul 30 '25 13:07 howan36

one more thing: there is no traffic, we also do not use maybe active and passive healthcheck, but there still lots of dns translation requests to coredns, what is it?

howan36 avatar Jul 30 '25 14:07 howan36

one more thing: there is no traffic, we also do not use maybe active and passive healthcheck, but there still lots of dns translation requests to coredns, what is it?

if you configure your host into target in some upstream, kong will automatically probe this host.

Image

chobits avatar Jul 31 '25 02:07 chobits

from admin api, i got the target like: {"data":[{"created_at":1754238438.816,"id":"d09638ca-0b83-52be-a68c-fcd0571b5419","tags":null,"upstream":{"id":"8c167dd3-7ffb-5b98-be0b-f25c0c02eead"},"target":"xxxxx-service.xxx.svc.cluster.local:8080","weight":100}],"next":null}%

howan36 avatar Aug 03 '25 16:08 howan36

your picture means that the target data should be the ip address?

howan36 avatar Aug 03 '25 16:08 howan36

@chobits do we have any updates? thanks.

chronolaw avatar Aug 25 '25 07:08 chronolaw

I mean, if you don’t want Kong’s automatic background DNS resolution tasks to run, you should avoid configuring the backend host or IP as an upstream target entity. Instead, just set it as the host value of the service entity.

chobits avatar Nov 25 '25 03:11 chobits

This issue is marked as stale because it has been open for 14 days with no activity.

github-actions[bot] avatar Dec 10 '25 02:12 github-actions[bot]

Dear contributor,

We are automatically closing this issue because it has not seen any activity for three weeks. We're sorry that your issue could not be resolved. If any new information comes up that could help resolving it, please feel free to reopen it.

Your contribution is greatly appreciated!

Please have a look our pledge to the community for more information.

Sincerely, Your Kong Gateway team

github-actions[bot] avatar Dec 18 '25 02:12 github-actions[bot]