Ive been using this for a couple days as simple as it is, it works pretty good.
The sleep is required because the stop issues an "ok" but the program is still
running, (cant bind port)
Occasionally we see an ssl error, on the load_cache line, but it does load all
the records "~ok~" and works.
unbound-control dump_cache > /root/dump_cache.data;
unbound-control stop;
sleep 2;
unbound-control start;
cat /root/dump_cache.data | unbound-control load_cache;
is this the timeout for non existant domains? Is that what lame means?
# the time to live (TTL) value for cached roundtrip times, lameness and
# EDNS version information for hosts. In seconds.
# infra-host-ttl: 900
Or does this type of ttl not exist at this time?
I am also still wondering about the possablity for a non recursive
(cache/local) only acl.
<3 pfsense
-----Original Message-----
From: Unbound-users [mailto:[email protected]] On Behalf Of
Dave Warren
Sent: Saturday, February 22, 2014 9:46 PM
To: [email protected]
Subject: Re: [Unbound-users] testing unbound (coming from bind)
On 2014-02-20 16:14, James Starowitz wrote:
> Has anyone made a restart script that dumps cache to file, then restart and
> imports the cache back in?
pfSense has such a thing.
> Whats the likely hood that’s going to “work” reliably? :D
In theory, it should be possible, I suppose. pfSense's doesn't work reliably.
Do you find yourself restarting production unbound instances often enough that
dumping the cache causes operational issues?
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
_______________________________________________
Unbound-users mailing list
[email protected]
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
