Maintained by: NLnet Labs

[Unbound-users] forward-zone bug (out of query targets -- returning SERVFAIL)

Aaron Hopkins
Wed Nov 26 21:49:26 CET 2008


On Wed, 26 Nov 2008, W.C.A. Wijngaards wrote:
> Implemented in svn trunk that if all the servers are blacklisted, then
> 99% of queries are stopped.  So, very busy domains get polled more
> often, without being a hindrance in traffic volume. Quiet domains get
> the normal 15 minute timeout.

This works out to a 50% chance of unblacklisting an IP within 67 queries,
80% within 161 queries, 90% within 230 queries, and 95% within 299 queries.
While I applaud the effort, doesn't it seem kind of strange to have the
behavior of the server be non-deterministic?

If you don't want to bloat the infrastructure cache with TTLs for this, how
about a global or per-thread rate-limit instead?

                                     -- Aaron