Hi Andy, Isaac,
FYI, the relevant fixes [1] were merged and this will be included in the
upcoming 1.22.0 release.
An announcement in this mailing list will happen when that is ready.
Best regards,
-- Yorgos
[1] https://github.com/NLnetLabs/unbound/pull/1143
On 01/08/2024 20:07, Andy Lemin wrote:
Hi Yorgos,
Nice, yes that DNSSEC issue does seem related!
I notice the last comments were 6 months ago, but it has been marked for
1.22.
Issac, in the meantime we should each try to document our specific cases
with reproducible examples if possible (and reference the above issue).
Our issues may prove to be easier to start with.
Thanks again for your help.
Andy.
On 1 Aug 2024, at 16:35, Yorgos Thessalonikefs via Unbound-users
<unbound-users@lists.nlnetlabs.nl> wrote:
Hi Andy, Issac,
Maybe you are both hitting a variation of
https://github.com/NLnetLabs/unbound/issues/994.
Namely, Unbound when resolving will try to update the cache with new
data even if the stale data would have been more useful.
There is ongoing work to make Unbound more careful with replacing
cached content when serve-expired is used.
Best regards,
-- Yorgos
On 01/08/2024 04:46, Andy Lemin via Unbound-users wrote:
Hi,
I have a similar experience, where prefetch seems to poison the cache
with negative responses.
This is a good read; https://unbound.docs.nlnetlabs.nl/en/latest/
topics/core/serve-stale.html <https://unbound.docs.nlnetlabs.nl/en/
latest/topics/core/serve-stale.html>
Can any one clarify a parameter combination which allows immediate
cache responses, and which tells prefetch to always ignore negative
responses?
I wonder if taking the advice of the above article (and being mindful
of this https://github.com/NLnetLabs/unbound/issues/533 <https://
github.com/NLnetLabs/unbound/issues/533> it is possible to get this
working). Just can’t figure out how to force prefetch to ignore
negative responses.
Please share your results :)
Andy.
On 31 Jul 2024, at 20:33, sir izake via Unbound-users <unbound-
us...@lists.nlnetlabs.nl> wrote:
Hi
I have installed unbound version: 1.20.0 on a FreeBSD 14 server.
This was working fine until the server lost internet connectivity to
the upstream internet provider. Prior to this the average cache hit
rate on the server was 99.0% with only 1% recursive replies.
Part of my unbound.conf file is shown below
server: prefetch: yes serve-expired: yes
# serve-expired-ttl: 0
# serve-expired-ttl-reset: no
After loss of internet average cache hit rate has reduced to 14%
whiles recursive queries is showing 86% (still internet is not restored)
My expectation is
Caching server should continue to serve expired and keep the cache
hit rate high because the serve-expired-ttl is default
(meaning it should continue serving cached content until upstream is
restored).
My observation is the opposite. Is there anything I am missing? How
can i ensure that the caching server will continue serving cache
data several days after upstream
internet is lost
Regards
Isaac
