Disabling TCP use causes issues?

2018-08-02 Thread RayG via Unbound-users
I decided to try using unbound without enabling TCP so I set "do-tcp: no" Then I was using the program I have to copy over the settings file and this includes obtaining any updated roots.hints file from ftp.internic.net as "ftp://ftp.internic.net/domain/named.cache;

Re: Disabling TCP use causes issues?

2018-08-02 Thread Petr Špaček via Unbound-users
Hello Ray, in general TCP is mandatory for proper DNS operation so I would recommend you not to waste time on non-TCP DNS. It will just break in various situations as you saw yourself. Please see standard https://tools.ietf.org/html/rfc7766 which reinforces mandate for TCP support in DNS:

stub/forward-no-cache: patch

2018-08-02 Thread Bjoern A. Zeeb via Unbound-users
Hi, sometimes people run unbound as local resolver for a larger network, yet want more immediate changes for their own (internal) zone(s) (ignoring TTL) being visible trying to use stub/forward for this. The easiest way to accomplish this is to prevent answers from going into the cache or

Re: stub/forward-no-cache: patch

2018-08-02 Thread publicarray via Unbound-users
Hi Bjoern, Just wanted to make you aware of https://tools.ietf.org/html/draft-bellis-dnsop-xpf-04. I think implementing this is a better way to do this but congrats on finding your own fix. Regards, Sebastian > On 3 Aug 2018, at 8:21 am, Bjoern A. Zeeb via Unbound-users > wrote: > > Hi, >

Unbound 1.7.2 - A lookups being performed for NAPTR requests.

2018-08-02 Thread Jon via Unbound-users
We are using a stub zone to forward NAPTR requests to two servers. The maintainers of the servers that handle the NAPTR requests are saying that they are seeing non NAPTR requests. I ran a tcpdump and sure enough A requests are being run before almost all of the NAPTR requests. The DNS clients

Re: stub/forward-no-cache: patch

2018-08-02 Thread Bjoern A. Zeeb via Unbound-users
On 2 Aug 2018, at 23:09, publicarray via Unbound-users wrote: Hi Sebastian, Just wanted to make you aware of https://tools.ietf.org/html/draft-bellis-dnsop-xpf-04. I think implementing this is a better way to do this but congrats on finding your own fix. this has nothing to do with what my

Re: EDNS module Performance

2018-08-02 Thread Wouter Wijngaards via Unbound-users
Hi Alexandre, On 08/02/2018 12:07 PM, Alexandre Wicquart via Unbound-users wrote: > Hello, > > > I'm currently benchmarking EDNS client module for unbound and i can > handle about 75/80% less than before. > > > The tests are made on a Debian Stretch 9.5 with unbound 1.7.3 (I have > the same

EDNS module Performance

2018-08-02 Thread Alexandre Wicquart via Unbound-users
Hello, I'm currently benchmarking EDNS client module for unbound and i can handle about 75/80% less than before. The tests are made on a Debian Stretch 9.5 with unbound 1.7.3 (I have the same results with 1.6.7). My server can handle about 280k req/sec without UDP errors and a minimal