Maintained by: NLnet Labs

[Unbound-users] Unbound and Round Robin DNS

Paul Wouters
Fri Aug 21 15:53:51 CEST 2009


On Fri, 21 Aug 2009, Gareth Hopkins wrote:

> I am in the process of testing unbound and have found the following with round robin dns entries.
> 
> Using www.cnn.com as an example, unbound gives me the same answer (157.166.255.19) every time whereas bind
> gives me the intended different answers. Example below.
> 
> Command used was while true; do date; nslookup www.cnn.com| head -n6 ; sleep 1; done

dig against unbound gives me:

;; ANSWER SECTION:
www.cnn.com.		266	IN	A	157.166.224.26
www.cnn.com.		266	IN	A	157.166.226.25
www.cnn.com.		266	IN	A	157.166.226.26
www.cnn.com.		266	IN	A	157.166.255.18
www.cnn.com.		266	IN	A	157.166.255.19
www.cnn.com.		266	IN	A	157.166.224.25

Seems like they use a TTL of 300. Asking unbound with nslookup gives all 6
records, but I guess unbound is not cycling them in any way, so you keep
getting the first record. Perhaps Wouter can explain that part, as I am
sure some conscious design decision has gone into that.

But in 300 seconds, things will change. For me, the list got returned
the second time as:

;; ANSWER SECTION:
www.cnn.com.		300	IN	A	157.166.255.19
www.cnn.com.		300	IN	A	157.166.224.25
www.cnn.com.		300	IN	A	157.166.224.26
www.cnn.com.		300	IN	A	157.166.226.25
www.cnn.com.		300	IN	A	157.166.226.26
www.cnn.com.		300	IN	A	157.166.255.18

So to my applications (e.g. ping) their address changed from 157.166.224.26
to 157.166.255.19.

Paul
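
An added example, not part of the original message: a Python check over the two answer sections quoted above, confirming that they hold the same RRset in a rotated order and showing which address a client that uses only the first record ends up with. The function names and the single-string `CAPTURE` layout are assumptions made for the illustration.

```python
import ipaddress

# The two ANSWER SECTIONs quoted in the message, pasted as one capture.
CAPTURE = """\
;; ANSWER SECTION:
www.cnn.com. 266 IN A 157.166.224.26
www.cnn.com. 266 IN A 157.166.226.25
www.cnn.com. 266 IN A 157.166.226.26
www.cnn.com. 266 IN A 157.166.255.18
www.cnn.com. 266 IN A 157.166.255.19
www.cnn.com. 266 IN A 157.166.224.25
;; ANSWER SECTION:
www.cnn.com. 300 IN A 157.166.255.19
www.cnn.com. 300 IN A 157.166.224.25
www.cnn.com. 300 IN A 157.166.224.26
www.cnn.com. 300 IN A 157.166.226.25
www.cnn.com. 300 IN A 157.166.226.26
www.cnn.com. 300 IN A 157.166.255.18
"""

def parse_sections(text):
    """Split dig output into answer sections; return a list of A-address lists."""
    sections = []
    for line in text.splitlines():
        if line.startswith(";; ANSWER SECTION"):
            sections.append([])
            continue
        fields = line.split()
        # owner, TTL, class, type, rdata; skip anything else (comments, blanks)
        if sections and len(fields) == 5 and fields[2:4] == ["IN", "A"]:
            sections[-1].append(str(ipaddress.IPv4Address(fields[4])))
    return sections

def rotation_offset(a, b):
    """Return k where b == a[k:] + a[:k], or None if b is not a rotation of a."""
    if len(a) != len(b):
        return None
    return next((k for k in range(max(len(a), 1)) if a[k:] + a[:k] == b), None)

def compare(text):
    """Summarise what a client that uses only the first A record would see."""
    before, after = parse_sections(text)[:2]
    return {"same_rrset": sorted(before) == sorted(after),
            "rotation": rotation_offset(before, after),
            "first_before": before[0], "first_after": after[0]}

if __name__ == "__main__":
    print(compare(CAPTURE))
```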