[ext] Re: Perfomance issue between 1.5.8-1ubuntu1.1 (xenial) and 1.6.7-1ubuntu2.1 (bionic)

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Mon Jun 25 11:00:51 UTC 2018

* W.C.A. Wijngaards via Unbound-users <unbound-users at unbound.net>:
> Hi Ralf,
> On 25/06/18 11:43, Ralf Hildebrandt via Unbound-users wrote:
> > We're using unbound on our four proxy servers (and a hand-compiled,
> > current version of squid), which channel all outbound HTTP/HTTPS traffic.
> So I think it may be this change from 1.5.9:
> - Fix unbound sets CD bit on all forwards. If no trust anchors, it'll
> not set CD bit when forwarding to another server. If a trust anchor, no
> CD bit on the first attempt to a forwarder, but CD bit thereafter on
> repeated attempts to get DNSSEC.

It's probably that, yes.
> It could be other fixes, perhaps in TCP (if you have tcp-upstream
> enabled?) or ssl-upstream?  Or caps-for-id?

None of those.

Ralf Hildebrandt                   Charite Universitätsmedizin Berlin
ralf.hildebrandt at charite.de        Campus Benjamin Franklin
https://www.charite.de             Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155

More information about the Unbound-users mailing list