[Dnssec-trigger] persistent cache needed?

Chuck Anderson cra at WPI.EDU
Sun Feb 1 00:21:16 UTC 2015


On Sat, Jan 31, 2015 at 06:58:00PM -0500, Chuck Anderson wrote:
> After booting up and re-opening Firefox, restoring 50-100 tabs causes
> so much DNS traffic that unbound goes unresponsive, and queries
> repeatedly timeout for many minutes until things finally settle down.
> I thought Firefox's behavior was to not reload every tab until you
> activate the tab, but maybe it is still doing DNS pre-fetches for the
> inactive tabs?  I don't know.
> 
> I think we need a persistent cache, saved across restarts/reboots.
> What else can we do to solve this problem?
> 
> Or is the verbosity the cause of the problem:
> 
> #journalctl -b -u unbound | wc -l
> 24581
> 
> unbound.conf:
> 
> server:
>         # verbosity number, 0 is least verbose. 1 is default.
>         verbosity: 3

Nope, I turned this back down to 1, and the problem is the same after
rebooting.  I also confirmed that only some DNS queries timeout.  For
example, www.yahoo.com and www.nasa.gov timeout (or sometimes
SERVFAIL), but www.google.com works fine.  Probably any DNS queries
that are already cached before the flood of queries comes into unbound
will work fine.  I also confirmed that the problem only begins when
Firefox is reloading the previous session.  It takes about 5 minutes
for things to settle down enough for queries to finish without timing
out.



More information about the dnssec-trigger mailing list