[Unbound-users] No failover in stub-zone?
wouter at nlnetlabs.nl
Tue Jul 10 11:31:36 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
On 07/10/2012 01:02 PM, lst_hoe02 at kwsoft.de wrote:
> Zitat von "W.C.A. Wijngaards" <wouter at nlnetlabs.nl>:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> Hi Andreas,
>> On 07/09/2012 10:52 PM, lst_hoe02 at kwsoft.de wrote:
>>> we have on our border dns recursor (unbound 1.4.17) some
>>> stub-zones mostly for PTR lookups for our internal AS112
>>> addresses like this:
>>> stub-zone: name: "10.in-addr.arpa" stub-addr:
>>> <IP-first-internal-NS> stub-addr: <IP-second-internal-NS>
>> unbound will divide the load amongst the addresses. It will
>> randomise with RTT banding.
>>> Today the first internal NS went down and most reverse lookups
>>> slow to crawl. I expexted unbound would notice the failure and
>>> simply only use the second after some time like it did with
>>> normal lookups when skipping unavailable NS.
>>> Is this expected behaviour or have i done something wrong?
>> The second server also fails?
>> Unbound should try both servers (randomly if they are working,
>> for 50% load on both of them).
> No, the second was available, and yes it looks like Unbound was
> balancing because some lookups where fast and some timeout. As far
> as i know Unbound does skip unresponsive servers when doing
> "normal" lookups (no stub-zones) and i suspected Unbound doing the
> same for the stub-zone servers. Might this be possible as a feature
> in the future? I think the same rules should apply for stub-zones
> as for all lookups, no?
This is the way it is implemented today. Unbound can failover for
stub-zones (and forward-zones) if nameservers do not respond and stops
asking if they are down.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Unbound-users