[Unbound-users] Problem with query
Paul Wouters
paul at xelerance.com
Thu Sep 15 19:31:37 UTC 2011
On Thu, 15 Sep 2011, Robert Fleischman wrote:
> Using unbound 1.4.12,
>
> dig -t ns dir.slb.com.
>
> It does not return, it returns instantly against bind. :-|
>
> A few things:
>
> 1. That name has a lot of NS answers (7000+ byte reply) according to
> ns3.slb.com. It appears to return a truncated answer and then forces
> clients (and probably unbound) to retry using TCP.
It works against my unbound-1.4.13 (open to use at 193.110.157.136).
It does fallback to tcp. The dns ns set from hell is returned.
> clearly,
> 2. unbound doesn't return. The query runs for hours/days/forever,
> inside unbound. It doesn't time-out! Digging into
> env->mesh->all.root and seen 100's of answers, and yet no response.
> Is it waiting for a COMPLETE answer? Even though it has a huge answer
> already?
Various harden options might make it try a lot of entries before returning.
The only cases I know of unbound not returning an answer is if your loglevel
is so high that your disk cannot keep up with the queries.
> 3. dig to Google (8.8.8.8) goes to tcp and doesn't return an answer either!
That I see as well.
Paul
More information about the Unbound-users
mailing list