Maintained by: NLnet Labs

[Unbound-users] forward zone order

Will Yardley
Wed Jan 14 23:00:31 CET 2015


On Wed, Jan 14, 2015 at 08:54:52AM +0100, W.C.A. Wijngaards wrote:
> On 01/14/2015 02:10 AM, Will Yardley wrote:
> > On Tue, Jan 06, 2015 at 09:50:32PM -0800, Will Yardley wrote:
> > 
> >> I had expected that the behavior would be to prefer the first in
> >> the list, however, from a couple things I noticed today, I'm not
> >> so sure.

> > I verified that a significant amount of traffic is being sent to
> > the second forwarder. Short of using external software or setting
> > up an internal load-balanced VIP, is there any way with unbound to
> > prefer a specific forwarder (in this case, the local one), except
> > as a failover?

> Yes a stub is better if they are authoritative, likely saves
> processing for unbound.  The behaviour is the same, it randomly
> chooses, based on the ping-times of the servers.  There is the
> forward-first: option, but I am unsure if it does what you want
> (disable the stub clause temporarily if the local ip address fails for
> a minute or so).

Shouldn't localhost always be preferred if it's based on latency?
forward-first doesn't appear to do what I want from my reading of it.

forward-first (as I understand it) controls whether or not the public
zone is queried if none of the forwarders respond. In this case, I want
to only query my local mirrors, but I want to always prefer the one
listening on localhost if it's available.

I did verify that stub-zone behaves the same way as forward-zone.

It would be nice if future versions of unbound had the option to control
the behavior, rather than assuming the "smart" solution will work for
everyone.

w