Fix dns-01-003 (#1634)

* plugin/{cache,forward,proxy}: don't allow responses that are bogus Responses that are not matching what we've been querying for should be dropped. They are converted into FormErrs by forward and proxy; as a 2nd backstop cache will also not cache these. * plug * add explicit test
2025-10-27 08:14:18 -04:00 · 2018-03-25 17:11:10 +01:00
parent 91413c25e1
commit 5616fcb175
7 changed files with 102 additions and 5 deletions
--- a/plugin/cache/README.md
+++ b/plugin/cache/README.md
@@ -57,6 +57,7 @@ If monitoring is enabled (via the *prometheus* directive) then the following met
 * `coredns_cache_capacity{type}` - Total capacity of the cache by cache type.
 * `coredns_cache_hits_total{type}` - Counter of cache hits by cache type.
 * `coredns_cache_misses_total{}` - Counter of cache misses.
+* `coredns_cache_drops_total{}` - Counter of dropped messages.

 Cache types are either "denial" or "success".