Caching in libunbound

Rick van Rein rick at
Thu Mar 21 08:10:35 UTC 2019


I am using libunbound for DANE-based realm-crossover for Kerberos.  This
requires the KDC to map hosts to realms via DNSSEC, but otherwise it is
just a wrapper around the KDC,

Does libunbound cache like an Unbound server would, for the duration of
the TTL if the program does not exit before?

The KDC and my daemon each use libunbound.  Does that mean they each
have their own cache, and if so, is there a way to combine their storage
and validation efforts?  I could speedup lookups with an Unbound daemon
behind libunbound, but that'd give three caches and three independent

Allow me to add that libunbound is very pleasant to work with!  The only
thing I miss in the API is the lack of an invalid value for the
async_id, so apart from storing that value there also is a need to flag
whether such a field is occupied (and possibly calling for locking to
keep the two consistent).


More information about the Unbound-users mailing list