[Unbound-users] Does/can unbound use RTT values to prioritise DNS servers
Carsten Strotmann
unbound at strotmann.de
Sun Nov 28 17:41:49 UTC 2010
On 11/27/10 8:21 PM, Nick B wrote:
> Does or can unbound be configured to prioritise recursive queries
> using the lowest RTT values, maybe from the Infra cache? In this
> instance 'K' is preferable to 'M' for example.
Hello Nick,
Unbound is using "RTT banding", it randomly pickes a server within a
so-called RTT band of 400 msec, see
http://www.unbound.net/documentation/info_timeout.html
and
http://www.unbound.net/documentation/patch_announce102.html
> Destination address randomisation. Unbound performs RTT banding, a
> method to select the destination server that provides additional
> randomness. This provides between 1 and 4 bits of randomness. Perhaps
> 2 on average. Arguments that choosing the fastest destination reduces
> the attack time window are no longer relevant given the recent full
> disclosure at the Blackhat conference. Additional time windows are
> easily achieved.
-- Carsten
More information about the Unbound-users
mailing list