Nick B <djbloc at gmail.com> wrote: > > I've a running installation of Unbound in the United Kingdom and it > seems to work well. However, with an empty cache it is notable that > some queries take longer than others. Using dig with the +trace option > it can be shown that it can take up to a second to respond. > This is completely expected and normal behaviour. It is akin to grumbling "when I empty my web browser cache, websites take longer to load". If it really is a problem, then I recommend as part of your startup, you have a script that fires a pile of DNS queries at unbound to pre-fetch and warm up your cache. > Using ping the average response of the root servers are: > ping != latency > A.ROOT-SERVERS.NET - 106ms > B.ROOT-SERVERS.NET - 152ms > C.ROOT-SERVERS.NET - 94ms > D.ROOT-SERVERS.NET - 80ms > E.ROOT-SERVERS.NET - ?? > F.ROOT-SERVERS.NET - 147ms > G.ROOT-SERVERS.NET - ?? > H.ROOT-SERVERS.NET - ?? > I.ROOT-SERVERS.NET - 35ms > J.ROOT-SERVERS.NET - 22ms > K.ROOT-SERVERS.NET - 1ms > L.ROOT-SERVERS.NET - 57ms > M.ROOT-SERVERS.NET - 247ms > Alas these numbers tell you very little. You should look at what '+trace' tells you about each hop. > Does or can unbound be configured to prioritise recursive queries > using the lowest RTT values, maybe from the Infra cache? In this > instance 'K' is preferable to 'M' for example. > Question is, especially for the root nameservers, is it worth it? There are only ~300 TLD's and once you have looked up .com, you should technically not be querying the root name servers for .com for another 48 hours. In short, the real solution is not to empty your cache :) Alternatively there are some DNS resolvers out there that can store the cache to disk on exit and reload it on starting (deadwood is one that comes to mind). Cheers  http://data.iana.org/TLD/tlds-alpha-by-domain.txt  http://www.maradns.org/download.html -- Alexander Clouter .sigmonster says: BOFH excuse #394: Jupiter is aligned with Mars.