question about timeout handling
Greg Ishimaru
gsishimaru at gmail.com
Wed Aug 17 15:37:40 UTC 2022
I've seen cases where name servers are configured to selectively
timeout queries. In one case, multiple zones were delegated to the
same set of authoritative name servers where the name servers were
configured to permanently timeout queries for one zone and respond
to queries for the other zones. It seems that the timeouts for the
zone configured to timeout caused unbound to stop providing answers
and respond with SERVFAIL for the other zones because all of the name
servers were in the blocking regime. In another case, the authoritative
name servers would permanently timeout queries for non-existent records
in a zone and respond to queries for records that do exist in the
same zone. Again, all of the name servers ended up in the blocking
regime. For these cases, is there any setting that would allow unbound
to continue trying the name servers for the zones and/or records
where the name servers do respond ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20220817/38e7b84c/attachment.htm>
More information about the Unbound-users
mailing list