Using unbound 1.4.12, dig -t ns dir.slb.com.
It does not return, it returns instantly against bind. :-| A few things: 1. That name has a lot of NS answers (7000+ byte reply) according to ns3.slb.com. It appears to return a truncated answer and then forces clients (and probably unbound) to retry using TCP. 2. unbound doesn't return. The query runs for hours/days/forever, inside unbound. It doesn't time-out! Digging into env->mesh->all.root and seen 100's of answers, and yet no response. Is it waiting for a COMPLETE answer? Even though it has a huge answer already? 3. dig to Google (8.8.8.8) goes to tcp and doesn't return an answer either! 4. When this happens, num_addr_replies gets incremented and seems to never go down! As more stuff comes in for that (or children), the value of num_addr_replies grows. We know that this value growing infinitely is bad as there is a 16x limit in the code (against max_reply_states) before incoming queries get dropped. 5. This looks like it has been a problem in the past: http://www.unbound.net/pipermail/unbound-users/2010-September/001369.html Any advice on direction here. Happy to help. -Rob _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
