[Unbound-users] testing unbound (coming from bind)

James Starowitz starsoft at starnova.net
Sun Feb 23 04:54:59 UTC 2014

Ive been using this for a couple days  as simple as it is, it works pretty good.
The sleep is required because the stop issues an "ok" but the program is still running, (cant bind port)
Occasionally we see an ssl error, on the load_cache line, but it does load all the records "~ok~" and works.

unbound-control dump_cache > /root/dump_cache.data;
unbound-control stop;
sleep 2;
unbound-control start;
cat /root/dump_cache.data | unbound-control load_cache;

is this the timeout for non existant domains? Is that what lame means?

        # the time to live (TTL) value for cached roundtrip times, lameness and
        # EDNS version information for hosts. In seconds.
        # infra-host-ttl: 900
Or does this type of ttl not exist at this time?

I am also still wondering about the possablity for a non recursive (cache/local) only acl.

<3 pfsense

-----Original Message-----
From: Unbound-users [mailto:unbound-users-bounces at unbound.net] On Behalf Of Dave Warren
Sent: Saturday, February 22, 2014 9:46 PM
To: unbound-users at unbound.net
Subject: Re: [Unbound-users] testing unbound (coming from bind)

On 2014-02-20 16:14, James Starowitz wrote:
> Has anyone made a restart script that dumps cache to file, then restart and imports the cache back in?

pfSense has such a thing.

> Whats the likely hood that’s going to “work” reliably? :D

In theory, it should be possible, I suppose. pfSense's doesn't work reliably. Do you find yourself restarting production unbound instances often enough that dumping the cache causes operational issues?

Dave Warren

Unbound-users mailing list
Unbound-users at unbound.net

More information about the Unbound-users mailing list