On 1/6/21 4:17 AM, Jonatan Schlag wrote:
When unbound has no information about a DNS-server a timeout of 376 msec is assumed. This works well in a lot of situations, but they mention in their documentation that this could be way too low. They recommend a timeout of 1126 msec for satellite connections (https://nlnetlabs.nl/documentation/unbound/unbound.conf). Settings this value to 1126 msec should make the first queries to an unknown server, more useful. They do not timeout and so these queries do not need to be sent again.
On a stable link, this behaviour should not have negative implications. As the first result of queries arrive the timeout value gets updated, and the high value of 1126 msec gets set to something useful.
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org
config/unbound/unbound.conf | 1 + 1 file changed, 1 insertion(+)
diff --git a/config/unbound/unbound.conf b/config/unbound/unbound.conf index f78aaae8c..02f093015 100644 --- a/config/unbound/unbound.conf +++ b/config/unbound/unbound.conf @@ -62,6 +62,7 @@ server:
# Timeout behaviour infra-keep-probing: yes
unknown-server-time-limit: 1128
# Bootstrap root servers root-hints: "/etc/unbound/root.hints"
This sounds promising to me, as I have many DNS lookup timeouts (ISP is HughesNot, er, HughesNet).
+1
Paul