Re: RFC 8767 recheck timer
Andreas Schwarz
andreas at black-code.de
Tue Jul 21 16:49:41 UTC 2020
Hi George,
thank you for your quick reply. Could you please elaborate on these failure recheck measures in unbound?
I dug a bit through the unbound code, the iterator specifically, but my C is not as good as to pretend that I understood very much.
I played a bit around with a zone of mine, added it to the authoritative servers, removed it and observed unbound's behavior. I could not see anything, that would indicate failure recheck measures (at least not for REFUSED codes) in a way that I would interpret the RFC.
The amount of requests I performed against unbound was pretty much identical to the amount of outgoing requests (times 6 for 3 authoritative Servers with both, IPv4 and IPv6).
>From the description in the RFC I would have expected unbound to stop querying the authoritative servers for some time and only serve the stale data. At least with serve-expired-client-timeout set to 0. With a non-zero value for this option, the behavior to always query totally makes sense.
Thank you in advance.
Cheers
Andreas
On Tuesday, July 21, 2020 14:56 CEST, George Thessalonikefs via Unbound-users <unbound-users at lists.nlnetlabs.nl> wrote:
> Hi Andreas,
>
> This timer is not specifically created for the serve-stale functionality
> because as is mentioned in the following paragraph of the RFC:
> > Most recursive resolvers already have the query resolution timer and,
> > effectively, some kind of failure recheck timer.
>
> This is also true in unbound, where failure recheck measures were
> already in place, though not configurable (at least in the sense of a
> timer).
>
> Best regards,
> -- George
>
> On 21/07/2020 14:30, Andreas Schwarz via Unbound-users wrote:
> > Hi,
> >
> > I am currently testing the RFC 8767 related options in unbound to serve stale records.
> >
> > RFC 8767 mentions in section 5
> >
> > > * A failure recheck timer, which limits the frequency at which a
> > > failed lookup will be attempted again.
> >
> > I could not find any option related to this functionality in the unbound manual. All the other portions of the RFC seem to be covered, but not this one. Did I miss something or is this not implemented?
> >
> > Cheers
> > Andreas
> >
More information about the Unbound-users
mailing list