On 10/02/2012 08:54, W.C.A. Wijngaards wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Stephane,
On 02/10/2012 02:42 PM, Stephane Bortzmeyer wrote:
On Thu, Feb 09, 2012 at 08:29:42AM +0100,
Attila Nagy<[email protected]> wrote
a message of 269 lines which said:
It seems the problem is that facebook DNS servers time out on AAAA
records, so unbound gets the false assumption that they are
unavailable.
I would say "unbound gets the correct assumption that they are
out-of-order".
http://status.aa.net.uk/apost.cgi?incident=1392
An update to looking at unbound's code. The log excerpt previously has
some code-paths printed out that are impossible; from the code this
output should not be possible. That indicates trouble at compiletime;
however, there is no resolution on this.
Additionally, in unbound's svn trunk, there is a patch that unlinks A,
AAAA, and other-type timeouts. Thus if AAAA lookups timeout, then A
lookups will still cause a query to be sent out. (up to a small limit,
enough to catch these cases as working, but very small for the qps to
actual offline servers).
Given that the load-balancer in question in non DNS compliant why do
extra work to work around the brokeness.
If enough resolvers say broken the load-balancer will get fixed.
Olafur (who has been arguing this now for 10 years, and we still have
broken load balancers because resolvers are too accomodating)
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
