Maintained by: NLnet Labs

[Unbound-users] forward-zone bug (out of query targets -- returning SERVFAIL)

Dmitriy Demidov
Tue Nov 25 19:52:46 CET 2008


Hi Wouter.

Thanks for you answer! After I been changed infra-host-ttl for 60 sec, I got 
unbound back after "freaze" (correctly - looks like I just do not have much 
patience. With infra-host-ttl:900 I just can't wait him to came back :)

Now I will remember about this feature. Looks like 60 or 120 sec will be good 
enough for me.

Thanks. Good luck.



On Tuesday 25 November 2008, Wouter Wijngaards wrote:
> Hi Dmitriy,
>
> What is happening is that the server has blacklisted the forwarder IP
> address.  Because it does not answer any queries (it has to be
> unreachable for about 2 minutes or more for that to happen).
>
> This blacklist has a TTL of 15 minutes, by default.
> You can set it in the config file.
>
> infra-host-ttl: 900   # default 900 seconds
> You could set it to infra-host-ttl: 60
>
> It would then come back up within a minute after the connection is
> reestablished.
>
> This config parameter also sets how long roundtrip times and
> EDNS-support is cached.  This cache is not cleared when you do a reload
> command.
>
> So, although this all exactly explains what is happening to you.  And
> there is a config setting to workaround the problem.  I do not know how
> I can help to fix it.
>
> Best regards,
>    Wouter