--On 17 September 2012 09:22 +0200 "W.C.A. Wijngaards"
<[email protected]> wrote:
There is no setting in the config file, but there is a constant in the
software code, in util/data/msgparse.h:78, NORR_TTL. You can change
this to a higher value and recompile if you want to store failed
queries for a longer time.
This would dramatically cut the number of these queries being
issued against our forwarders.
But, the problem with a large timeout here, and the reason for this
'fairly short but nonzero value' there is now, is that for many
queries, a retry may solve the situation. A large value here would
turn a temporary failure that would otherwise be unnoticed after it
works a minute later, into a longterm failure.
Ok, that's is obviously a valid point - which we'll bear in mind. I think
looking at our query load, we could get away with setting that to either
30s or 1 minute. We tend to find these queries for invalid domains arrive
in 'blocks' - 30s or 1m would be long enough to ensure they all 'fail' from
cache - but should be short enough that it doesn't mess up for sites that
genuinely return an error for a 'short period' - but I do take your point
on board.
tbh - Most the sites we see returning this kind of error look like typos,
abandoned domains - or other 'nasties'.
I'll have a look at re-compiling with that adjustment, and see how we get
on.
Thanks,
-Karl
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
