[Unbound-users] forward servers: option to log failed requests
wouter at NLnetLabs.nl
Mon Aug 31 08:57:34 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
On 08/31/2009 10:22 AM, Felix Schueren wrote:
> we're still tracking a "some miniscule amount of queries fail every
> couple of days" case with unbound, and we think it might be related to
> unbounds backoff timer. Dumping unbound-control lookup (forwarded-zone)
> every minute yielded this:
These servers are both for the same zone, right?
So if server 1 does not work, unbound tries server 2.
In the sample below, it would start out favoring server 2,
which is working fine it says.
Are there statistics from the kernel, network stack, about
packets and dropped packets? Is the answer getting dropped
somewhere else in your network?
> normally looks like
> (forward server 1) rtt 27 msec, 0 lost. EDNS 0 probed.
> (forward server 2) rtt 23 msec, 0 lost. EDNS 0 probed.
> problem timeframe:
> Mon Aug 31 00:47:09 CEST 2009
> (forward server 1) rtt 800 msec, 1 lost. EDNS 0 probed.
> (forward server 2) rtt 31 msec, 0 lost. EDNS 0 probed.
> and we had a couple of dns-related error messages ("unable to resolve")
> for queries that I know go to the forward servers at 00:50:03 +0200 that
> As the volume is too large to dump properly, I would like an option per
> forward server or per forward zone to dump failed requests with the full
> query. These forward servers should _always_ answer, each failed query
> should be logged in a configurable verbosity level (so we could set it
> to 1 - 2 is pretty much unusable due to the high volume). Even if you
> would not want it in mainline, maybe a debug build would be possible?
> Kind regards,
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Unbound-users