[EXTERNAL] Unbound-users Digest, Vol 42, Issue 9

Raman, Sankar sraman at rbbn.com
Thu Jun 29 12:20:49 UTC 2023 

Yorgos:

Thanks for the response. But we do not want to receive an answer with ttl = 0 as the application uses the ttl value to start its own refresh timer. For now I have made the timer value tt1+1 if ttl !=0 and ttl=prev ttl otherwise, so applications goes to unbound 1 sec after expiry.

Ideally we want unbound not to send response with ttl=0, instead do the new fetch and return the answer to new fetch without 1 sec delay. After all the application re-queried unbound only after ttl secs expired. The reason is there is certain certification that requires compliance of ttl value for re-queries.

In essence we do not want unbound to maintain cache at all, as the higher application does that, but I could not find a way to configure unbound to not cache. Setting cache-max-ttl to zero has the undesirable side effect of always returning ttl=0 for any query.

Thanks
Sankar

On 29/06/23, 5:30 PM, "Unbound-users on behalf of unbound-users-request at lists.nlnetlabs.nl <mailto:unbound-users-request at lists.nlnetlabs.nl>" <unbound-users-bounces at lists.nlnetlabs.nl <mailto:unbound-users-bounces at lists.nlnetlabs.nl> on behalf of unbound-users-request at lists.nlnetlabs.nl <mailto:unbound-users-request at lists.nlnetlabs.nl>> wrote:


Send Unbound-users mailing list submissions to
unbound-users at lists.nlnetlabs.nl <mailto:unbound-users at lists.nlnetlabs.nl>


To subscribe or unsubscribe via the World Wide Web, visit
https://clicktime.symantec.com/15sLvSnQiCYz3zbWuU3XE?h=RW_dJ2pY-Omm1bqb5MalE9rixIcvNQ8EtpMrHUokwK4=&u=https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users <https://clicktime.symantec.com/15sLvSnQiCYz3zbWuU3XE?h=RW_dJ2pY-Omm1bqb5MalE9rixIcvNQ8EtpMrHUokwK4=&u=https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users>
or, via email, send a message with subject or body 'help' to
unbound-users-request at lists.nlnetlabs.nl <mailto:unbound-users-request at lists.nlnetlabs.nl>


You can reach the person managing the list at
unbound-users-owner at lists.nlnetlabs.nl <mailto:unbound-users-owner at lists.nlnetlabs.nl>


When replying, please edit your Subject line so it is more specific
than "Re: Contents of Unbound-users digest..."




Today's Topics:


1. Re: Disable Serving expired with ttl=0
(George (Yorgos) Thessalonikefs)




----------------------------------------------------------------------


Message: 1
Date: Thu, 29 Jun 2023 12:50:02 +0200
From: "George (Yorgos) Thessalonikefs" <george at nlnetlabs.nl <mailto:george at nlnetlabs.nl>>
To: unbound-users at lists.nlnetlabs.nl <mailto:unbound-users at lists.nlnetlabs.nl>
Subject: Re: Disable Serving expired with ttl=0
Message-ID: <c4c2bfcb-8a6e-eb2c-d0e0-95e03ce04593 at nlnetlabs.nl <mailto:c4c2bfcb-8a6e-eb2c-d0e0-95e03ce04593 at nlnetlabs.nl>>
Content-Type: text/plain; charset=UTF-8; format=flowed


Hi Sankar,


A TTL of 0 does not mean that the record is expired.
Unbound returns the non-expired (0 TTL) record and starts prefetching; 
since I see that this is enabled in the configuration.


If you query 1 second later when the record is expired, Unbound will go 
to the network instead.


Best regards,
-- Yorgos


On 29/06/2023 12:26, Raman, Sankar via Unbound-users wrote:
> Hello:
> 
> I am working on replacing libcares with unbound for my client on an 
> OpenWrt platform. I am using async mode ( ub_resolve_async() ) for DNS 
> queries and unbound is used as a forwarding server and not authoritative 
> one. serve-expired is left at default which is 'no..
> 
> The issue I am facing is the application that uses unbound maintains its 
> own cache and on expiry of ttl re-queries unbound which immediately 
> returns an answer with ttl=0 and then sends a fresh query out. This is 
> not desirable for our application. If the application re-queries after 
> tt+1 second then unbound returns answer from fresh query instead serving 
> expired with ttl=0.
> 
> 1. Why does unbound return expired record with ttl=0 when serve-expired 
> is left at default which is 'no.
> 
> 2. Why does unbound always sends out new query only after 1 sec after 
> ttl expiry instead of immediately sending new query?
> 
> Very First Query
> 
> Application ---> Query ----------------->?????? Unbound
> 
> 
> ???????????????????????????? Unbound ---> Query ---> Authoritative DNS 
> Server
> 
> 
> ??????????????????????????????? Unbound ?<--- Answer (ttl = t) <--- 
> Authoritative DNS Server
> 
> Application <--- Answer (ttl = t) < ----------Unbound
> 
> After ttl t secs expiry, Second Query
> 
> Application ---> Query ----------------->?????? Unbound
> 
> Application <--- Answer (ttl = 0) < ---------Unbound. (*NOT DESIRABLE*)
> 
> ??????????????????????????????????????????????????????????????????????????????? Unbound 1 sec wait (*NOT DESIRABLE*)
> 
> 
> ???????????????????????????? Unbound ---> Query ---> Authoritative DNS 
> Server
> 
> 
> ??????????????????????????????? Unbound? <--- Answer (ttl = t) <--- 
> Authoritative DNS Server
> 
> This process of getting back ttl=0 repeats for all subsequent re-queries 
> on ttl expiry and Application gets orig ttl only from answer to very 
> first query.
> 
> As can be seen from the attached wireshark, the lowest ttl=5 and my 
> application re-queries every 5 seconds but unbound sends query out only 
> after 6 seconds as can be seen in wireshark.
> 
> Attached unbound.conf.
> 
> Any help will be appreciated.
> 
> Thanks
> 
> Sankar Raman
> 
> 
> 
> *Disclaimer*
> 
> This e-mail together with any attachments may contain information of 
> Ribbon Communications Inc. and its Affiliates that is confidential 
> and/or proprietary for the sole use of the intended recipient. Any 
> review, disclosure, reliance or distribution by others or forwarding 
> without express permission is strictly prohibited. If you are not the 
> intended recipient, please notify the sender immediately and then delete 
> all copies, including any attachments.
> 




------------------------------


Subject: Digest Footer


_______________________________________________
Unbound-users mailing list
Unbound-users at lists.nlnetlabs.nl <mailto:Unbound-users at lists.nlnetlabs.nl>
https://clicktime.symantec.com/15sLvSnQiCYz3zbWuU3XE?h=RW_dJ2pY-Omm1bqb5MalE9rixIcvNQ8EtpMrHUokwK4=&u=https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users <https://clicktime.symantec.com/15sLvSnQiCYz3zbWuU3XE?h=RW_dJ2pY-Omm1bqb5MalE9rixIcvNQ8EtpMrHUokwK4=&u=https://lists.nlnetlabs.nl/mailman/listinfo/unbound-users>




------------------------------


End of Unbound-users Digest, Vol 42, Issue 9
********************************************

Disclaimer

This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20230629/db32581d/attachment.htm>

More information about the Unbound-users mailing list