[Unbound-users] unbound closes receive socket => udp probes
wouter at nlnetlabs.nl
Mon Jul 8 14:25:19 UTC 2013
On 07/03/2013 04:03 PM, Phil Mayers wrote:
> On 03/07/13 14:07, Ilya Bakulin wrote:
>> Please tell me if this problem has a chance to be fixed.
> I also think it would be good to alleviate this issue. It's polite
> to the network and other hosts to properly receive reply packets to
> your own requests, even if you no longer need them.

The packets have timed out. We do not expect them any longer. A
retry is probably sent over another port number (randomised) and thus
uses a different socket.

I do not know how to do what you ask - keep the port open for a reply
that arrives later than expected, in a way that is good for
performance and on resources. The time limit is 2*sigma based on past
observations (a smoothed rtt). Performance will go down significantly
when more sockets are kept open. Also sockets are a limited resource,
and keeping them open means other requests cannot be dealt with.

So, although I understand this ICMP port closed is troublesome, I do
not know how to get rid of it. Is there something I can tell the
kernel that stops the ICMP port closed (for UDP)? Should unbound
listen to raw sockets and somehow remove the packet destined for an
old port (but what if someone runs 'dig' and it uses a random port
that unbound just previously used?).
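The behaviour discussed in this message can be reproduced on loopback. The sketch below is an added example, not part of the original message and not Unbound code: a stand-in resolver sends a query from a kernel-chosen port, and the stand-in server answers either while that socket is still open or after it has been closed. It assumes a Linux host, where the ICMP port unreachable is surfaced to a connected UDP sender as ECONNREFUSED; the function name, payloads and outcome strings are made up for the illustration.

```python
import socket


def late_reply_outcome(resolver_closes_first: bool) -> str:
    """Send a reply to the resolver's query port and report what the sender sees.

    Returns "delivered" if the resolver socket received the reply, "refused"
    if the kernel answered with ICMP port unreachable, "silent" otherwise.
    """
    # Stand-in for the remote name server (constructed, speaks no real DNS).
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind(("127.0.0.1", 0))
    server.settimeout(1.0)
    # Stand-in for the resolver: one socket on a fresh port for this query.
    resolver = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    resolver.bind(("127.0.0.1", 0))
    resolver.settimeout(1.0)
    try:
        resolver.sendto(b"query", server.getsockname())
        _, resolver_addr = server.recvfrom(512)
        if resolver_closes_first:
            # The query timed out on the resolver side: the port is released.
            resolver.close()
        # A connected UDP socket is how the kernel reports ICMP errors to us.
        server.connect(resolver_addr)
        server.send(b"late reply")
        if not resolver_closes_first:
            return "delivered" if resolver.recv(512) == b"late reply" else "silent"
        try:
            server.recv(512)  # no data is expected, only the pending error
        except ConnectionRefusedError:
            return "refused"  # ICMP port unreachable came back
        except socket.timeout:
            pass              # ICMP filtered or not generated
        return "silent"
    finally:
        server.close()
        resolver.close()


if __name__ == "__main__":
    print("socket still open :", late_reply_outcome(False))
    print("socket closed     :", late_reply_outcome(True))
```

On a host that filters outbound ICMP the second case reports "silent" instead, which is the effect a firewall rule dropping port-unreachable messages would have.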