Likun Zhang
Sun Sep 18 14:04:56 CEST 2011


On Friday, September 16, 2011 5:27 PM, Wouter wrote:
> Yes, it has 283 nameserver entries and 280 addresses (that I can find).
>  I have tried them, but they do not reply.  They time out.
> So what happens is that unbound quietly starts probing this very long
> list.  It will take some time to do this.  If space becomes a problem,
> this query is the oldest and gets removed.
> You say that bind returns.  How does it get an answer?  None of the IPs
> associated with the domain return UDP replies.  Perhaps it returns the
> NS set from the referral as the answer?  Unbound refuses to do this for
> security reasons.

I think bind9 will return one SERVFAIL message, once it can't get response for one query(when all the nameservers don't response) in 30 seconds.