Hello Ashok!

On Thursday, 16.06.2022, 23:08 +0530, ashok athukuri via Unbound-users wrote:
> Here is my unbound.conf:
> # The number of retries when a non-positive response is received.
> outbound-msg-retry: 5
> forward-zone:
>     name: "."
>     forward-addr: 10.0.0.240

First of all, the option "outbound-msg-retry" must be configured below a
"server" clause. So your configuration should look like this:

    server:
        outbound-msg-retry: 5

    forward-zone:
        name: "."
        forward-addr: 10.0.0.240

I am not sure if you only missed that in your mail or also in the config file.

> here is how I tested:
> on machine#1 ran command #dig @127.0.0.1 mx.dnstest.com MX
> My expectation is I should see 5 outgoing queries from Machine#1 to Machine#2
> as Machine#2 sends Serve fail as a response
>
> Test Result:
> I see more than 5 outgoing msgs/queries (I see 9 msgs/queries) on Machine#1
> This behavior I am not able to understand with definition. I expect only 5
> msgs to Machine#2

It is correct that you might see more queries than the configured
"outbound-msg-retry". Unbound will start to send probes to your forwarders to
measure the round trip time. The round trip distribution will be used by
unbound to decide when to send a second request for the same request to the
same forwarder, in case the UDP packet has been dropped.

For your testing you can try to set the "infra-cache-min-rtt" to a high value
(something equal to or higher than your DNS timeout value, i.e. something in
the range of a few seconds) and then check if you see fewer outgoing queries.
Another way to test this is to send a lot of queries to your forwarders to let
unbound calculate the round trip distribution before sending your test query.

Hope my explanation helps, since I am also only guessing what might have
happened on your systems.

Kind regards
Moritz