> My second question is what the expected behaviour of unbound is for
> TCP connections that are idling. From unbound.conf(5) I see
> "tcp-idle-timeout" defaults to 30000ms, so this tells me a TCP
> connection being silent for 30 seconds will be dropped but maybe this
> only matters until we have seen an initial query and will then leave
> the connection forever?
>
> I tracked down the file descriptor for one of the TCP connections to
> unbound, found it was created over 12 hours ago, and then filtered
> for traffic for the host and port that was holding the connection
> with tcpdump, and not a single packet appeared for the several
> minutes I was running it.

As you may have seen, I recently had an "encounter" with unbound related to handling of TCP sessions, and it looks like there was a bug that caused unbound with TCP client sessions which had seen an initial query + response not to re-arm the TCP idle timeout for that session.

The patch in the pull request at

  https://github.com/NLnetLabs/unbound/pull/122

should be a fix for this issue if I read the code correctly.

If you are able to do some testing / validation of this, that would be greatly appreciated.

Best regards,

- Håvard
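
One way to validate the behaviour discussed in this thread, as an added example that is not part of the original message or of unbound: a client that sends one query over TCP, reads the reply, then stays silent and times how long the server keeps the session open. The function names are hypothetical, and `start_stub` is a constructed stand-in server so the check runs offline.

```python
import socket, struct, threading, time

def build_query(name="example.com", qid=0x1234):
    # Minimal DNS A query with the 2-byte length prefix used over TCP.
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    msg = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
    return struct.pack("!H", len(msg)) + msg

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-message")
        buf += chunk
    return buf

def seconds_until_idle_close(host, port, max_wait):
    # Send one query, read the reply, then stay silent. Returns the seconds
    # until the server closed the session, or None if still open at max_wait.
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(build_query())
        (length,) = struct.unpack("!H", recv_exact(s, 2))
        recv_exact(s, length)
        start = time.monotonic()
        s.settimeout(max_wait)
        try:
            if s.recv(1):
                return None  # unexpected data, not a close
        except socket.timeout:
            return None      # session outlived max_wait
        except ConnectionResetError:
            pass             # closed with RST instead of FIN
        return time.monotonic() - start

def start_stub(idle_timeout, rearm):
    # Constructed stand-in for a resolver (not unbound): echoes one message,
    # then enforces idle_timeout only when rearm is True. Returns its port.
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        with srv, srv.accept()[0] as conn:
            (n,) = struct.unpack("!H", recv_exact(conn, 2))
            conn.sendall(struct.pack("!H", n) + recv_exact(conn, n))
            conn.settimeout(idle_timeout if rearm else None)
            try:
                conn.recv(1)
            except socket.timeout:
                pass
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]
```

Against a test resolver you operate, call `seconds_until_idle_close` with a `max_wait` somewhat larger than the configured `tcp-idle-timeout`; a `None` result means the session was still open after the timeout should have fired.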
