I have a hardware firewall which acts as local resolver. I want to
replace the DNS part on the firewall with unbound and I'm using quite a
basic configuration from CENTOS7.
The new setup is like this:
internet <-> firewall <-> unbound server
What I experience is that dns queries to domains i never queried before
(thus making sure the query i not cached) is "slow" on on unbound.
A query to such a domain can easily take some hundreds milliseconds,
whereas on the Firewall resolver, the same querry is rarely higher than
A second querry is alway very fast (0-1 ms), which is no surprise.
When I run the provided warmup script from the package (also available
this takes about 25 - 35 seconds when run for the first time.
# time /root/bin/warmup.sh
Is this normal? What are your experiences? What could be the reason for
the diverging query times on the firewall resolver and unbound?