From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [RFC] unbound: Increase timeout value for unknown dns-server Date: Mon, 25 Jan 2021 20:50:14 +0000 Message-ID: <8D509537-653C-402D-8A6D-4318756443F7@ipfire.org> In-Reply-To: <12e9159f-727e-b8d1-a8a8-a22715dbad69@gmail.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1717005704711336396==" List-Id: --===============1717005704711336396== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, > On 25 Jan 2021, at 20:29, Paul Simmons wrote: >=20 > On 1/25/21 1:23 PM, Michael Tremer wrote: >> Hello everyone, >>=20 >> So what does that leave us with? >>=20 >> Should we drop the patch because it does not change anything and the corre= ct solution would be using TCP as underlying protocol? >>=20 >> -Michael >>=20 >>> On 19 Jan 2021, at 06:22, Paul Simmons wrote: >>>=20 >>> On 1/16/21 2:13 AM, Tapani Tarvainen wrote: >>>> On Fri, Jan 15, 2021 at 09:02:08PM -0600, Paul Simmons (mbatranch(a)gmai= l.com) wrote: >>>>=20 >>>>>>> echo 'unknown-server-time-limit: 1128' >/etc/unbound/local.d/timeouts >>>>> I've found that UDP doesn't work at all. TCP with "timeout" mod never >>>>> fails. >>>> You might also try if UDP works with >>>>=20 >>>> delay-close: 1500 >>>>=20 >>>> instead of or in addition to the unknown-server-time-limit. >>>>=20 >>> Howdy! >>>=20 >>> I tried UDP with both mods ('unknown-server-time-limit: 1128' && 'delay-c= lose: 1500'). Unfortunately, I experienced intermittent resolution errors. >>>=20 >>> Am now using TCP... no apparent errors, but resolution is SssLllOooWww, = just as before. >>> (total.recursion.time.avg=3D4.433958 total.recursion.time.median=3D3.6542= 9 total.num.recursivereplies=3D1515) >>>=20 >>> Thank you for your efforts. Latency on "HughesNot" is insurmountable, bu= t (barely) beats no connectivity. I hope to try Starlink, if/when it becomes= available for my latitude (30.9 North). >>>=20 >>> Paul >>>=20 >>> --=20 >>> It is hard for an empty bag to stand upright. -- Benjamin Franklin, 1757 >>>=20 > I haven't studied the metrics from unbound, so can't say if the modified ti= meouts help to avoid retransmissions. >=20 > As of this moment, TCP works, albeit slowly. If you'd rather drop the patc= h, I'm okay with that. Yes, TCP should always work and it will be much faster with Core Update 154 s= ince the connections remain open. We can always come back to this thread if there is any reason in the future. > Thanks for all the effort! Thank you very much for your testing, too! Best, -Michael > Paul --===============1717005704711336396==--