Thanks for the hint Simon, I have dropped the TTL to 10 and confirmed that the dig output has it as "10" through unbound. Also I checked that the TTL drops per second and the query gets refreshed after those 10 sec expire.
$ dig client.example.com @127.0.0.1 ... ;; ANSWER SECTION: client.example.com. 10 IN A 192.168.122.115 In addition between the steps I flushed the clients unbound cache to be sure: $ sudo unbound-control flush_zone example.com ok removed 4 rrsets, 1 messages and 0 key entries With that I shut down the slave and waited for the timeout - still fast to resolve. I then started the slave again and stopped the master - still fast to resolve from the client. Something is still missing - some more caching I don't know of maybe? :-/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1732150 Title: Unbound behaviour changes (wrong) when domain-insecure is set for a stub zone with multiple stub-addr(s) To manage notifications about this bug go to: https://bugs.launchpad.net/unbound/+bug/1732150/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
