On Mar 21, 2013, at 5:05 AM, "W.C.A. Wijngaards" <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi Olafur, > > On 03/15/2013 03:30 PM, Olafur Gudmundsson wrote: >> >> Basically what I want is a configuration option that allows me to >> specify the preferred transport protocol something like: forwarder: >> <blash> prefer TCP; or tcp-forwarder: <blah> or udp-forwarder: >> <blah> > > Such detailed config is not available, did you know the following > option is already implemented? > tcp-upstream: yes I will try that one, and see what else breaks :-) > > If you set this, all communication with upstream (whether forwarding > or not forwarding) is done over TCP. You can also add config as a > forwarder, and thus have TCP forwarding. > > If you are really paranoid, you can even use SSL-wrapped transport > with unbound, but this is trickier to set up (and it does not do > actual X509 PKI checks, just encapsulates the traffic). I'm not paranoid :-) > > Best regards, > Wouter > Olafur >> The reason for this is forwarders close to the edge send bursts of >> queries and then go silent, thus if the burst is sent over TCP the >> overhead of setting up and closing the TCP connection is amortized. >> >> >> The forwarder should close the TCP connection after going silent >> for a short time (10seconds ?) or just leave the closing of the >> connection to the server. >> >> Olafur >> >> >> _______________________________________________ Unbound-users >> mailing list [email protected] >> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users >> > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.13 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBAgAGBQJRSs1uAAoJEJ9vHC1+BF+N0/kP/2lh1L/x8wLanNzohSrfDYMP > L0pAbxYyOlUu4LE3Z90fJx9y/AEl1oCtJxkNGCtSi/JrzwzHu7EVEo+U1FwxFxn3 > uubPdi3jJoRFbP3eTthYfzqMq44fNya7DJUkTA4x5X/NU6XUJVzvtpjqfXDmemLE > QYDZ7oZt2abneR90q7quRro46C71qv0MopccAzQ8nyiwZNOFYpwayvkLm7L1GLx2 > hYmOZ+nb5U8f0UMeT5rKMr8dKwYrB21zEKTIyZvwstLQjBUebD8LW3UVndUrn0kd > dHUN39UYKWqtqhfPUH/1/USNSDFDKPJS0BmnSQf7ux8rQLL2/xmPK5iBLqx8o4BA > UN5K4dEv2oMAx3eHP9Dz33m9qaELBXdQv38yjEL+aaBLphFe/Dk8LSyT+s5TMdzP > XvDM/qASq9Hy8FBf9HPGMsYaXK867E1b/F1KAWT3vVmNZSQk9LGycUuhtwm+RDCf > 1hkELJvXENHOB5wkAeZbL1/KybJx9O+k3vQI8wLQj7Mkgd4xasa1CusK7xYU9z9M > t82Mf7+UibVkjapF4L41qYpbEp5DhK65che6HKFcOC84LvmBYZfRN1gE9wVLNYyY > nJvfKPFCaJNpVMrxRLbYV939RtK0IMLLGvsIfRbZixa63XY20TiZaeMwEkHig+CG > dwb3W0YxzbwZk98+aE0W > =Q0aY > -----END PGP SIGNATURE----- > _______________________________________________ > Unbound-users mailing list > [email protected] > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
