Maintained by: NLnet Labs

[Unbound-users] "peering" unbound servers together

Graham Beneke
Fri Apr 19 17:52:08 CEST 2013

I've been trying to figure out for a while what potential optimizations
may be possible on DNS resolvers the have high latency (50+ ms) to the
typical locations of authoritative servers in the USA and EU.

I could cluster them together in a parent-child arrangement in order to
get the maximum sharing of cached answers. This does however introduce
an undesirable upstream point of failure.

I was then thinking that the following process may yield an improvement:

A query is received from a stub resolver for which an answer is not
immediately available from the local cache. The resolver first forwards
this query to a neighbor resolver (hoping for a cache hit) and then
directly after that (or delayed by ~10 ms) begins its own full recursion.

We end up with 2 (or more) resolvers all racing to get to the answer
first. Whichever answer (neighbor or authoritative) is returned to the
original server first is then cached and returned to the stub.

This does mean that neighbor resolvers are potentially both doing the
same recursion at the same time but I'm not too worried about this. It
has the side effect of filling both caches with a valid answer which I
consider a good thing. The primary objective is the fastest possible
responses to the stub resolvers.

I don't see any immediately obvious way to build a configuration that
will do this - have I missed something?

How difficult is it likely to be to build this capability into unbound?

Graham Beneke