-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Ilya,
On 07/03/2013 04:03 PM, Phil Mayers wrote: > On 03/07/13 14:07, Ilya Bakulin wrote: > >> Please tell me if this problem has a chance to be fixed. > > I also think it would be good to alleviate this issue. It's polite > to the network and other hosts to properly receive reply packets to > your own requests, even if you no longer need them. The packets have timed out. We do not expect them any longer. A retry is probably sent over another port number (randomised) and thus uses a different socket. I do not know how to do what you ask - keep the port open for a reply that arrives later than expected, in a way that is good for performance and on resources. The time limit is 2*sigma based on past observations (a smoothed rtt). Performance will go down significantly when more sockets are kept open. Also sockets are a limited resource, and keeping them open means other requests cannot be dealt with. So, although I understand this ICMP port closed is troublesome, I do not know how to get rid of it. Is there something I can tell the kernel that stops the ICMP port closed (for UDP)? Should unbound listen to raw sockets and somehow remove the packet destined for an old port (but what if someone runs 'dig' and it uses a random port that unbound just previously used?). Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJR2svPAAoJEJ9vHC1+BF+NXpEQAI4Z4stfjBRgNMQ8neLgjVj2 OYJsxZdV0b6wjVyhrcnp2ioAjtu9Wu/LJYSsybOe22IEVevJnUV0JamNHHx4xu/4 yCmZ8p4VclNEqg9+L8O36mSkBM4u4ZJtwVQ/zOPX/m6RArj5kjB4T7ZOlA+uQ8H1 PZtQMmg1sdhddhGGZlOKuM8hoSh8aceTMRCqeFzBj2BFCEXp4/FFv+jUpyGvLC5E z/J9IPdC5CmKv4tLlvFgrEfxb19XVBLtEO8DbIBFVsPOFFePPeSsdMQkAW43DXPZ vCW9B3Rr8j/VjqpNvwFKnBJ1/L2k8MARXSf+TThzZx5jjQJl7VjrU6ma6BIfd+1T IN1M+As8Vy0uNO6G3DbSHciivIQC7FueOGx3vxmWNWkqumHJ6DNB5n3xn4h22UcJ vdqSjMuncbxN8dz+SMsNGOYCS6gcSw6iPxNt+XZH3/xmo0O0WAp0lOXLDtE2gj/0 MZsfP/Vmgbdn44phgEPbmF98RnelepO8pEyKyBuvjMYiDvrVWw6kt7HGnCA+x/Zz zVswgAxXsBtpH8I1VlIVc6s5Sitg76QkjrZiw9KZNMAIAjCtcZfbTWNeKYfh/aC4 2zXRpWaLetW3AvkVZW+CFxeWMty+o72TqHK39Xe5XqBVPxjyfBEEGy16ih72gLhw JYpO+I/JpvP419Wdlett =ug7g -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
