Maintained by: NLnet Labs

[Unbound-users] Resolve failures when using forwarders that do recursion

lst_hoe02 at kwsoft.de
Fri Mar 7 11:44:58 CET 2014


Zitat von "W.C.A. Wijngaards" <wouter at nlnetlabs.nl>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Florian,
>
> I have implemented a completely different option, does that meet your
> needs?  It is called delay-close: msec.  If you set eg. delay-close:
> 1500, then when a UDP socket timeouts that port is kept open for 1500
> msec afterwards.  Meanwhile unbound continues (but a socket is still
> in use) as normal.
>
> Only the right ID, IPaddr is accepted on that port; bad packets are
> added to the unwanted_replies counter.  The right ID,IP also closes
> the port.
>
> This keeps ports open for a little while longer, without impacting the
> rest of unbound.
>
> Do you like this option, or do you (also-) want me to accept your patch?
>
> Best regards,
>    Wouter
>

Hello,

will this be available in Unbound 1.4.22?? It also might solve our  
problem with cascaded Unbound and slow host resolving like the  
esta.cbp.dhs.gov.

Regards

Andreas