Bug 762 - please add strict order feature for forwarders
please add strict order feature for forwarders
Product: unbound
Classification: Unclassified
Component: server
All Linux
: P5 enhancement
Assigned To: unbound team
Depends on:
  Show dependency treegraph
Reported: 2016-04-30 20:02 CEST by ChrisC
Modified: 2017-07-25 16:38 CEST (History)
3 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description ChrisC 2016-04-30 20:02:40 CEST
I want to add more than one forwarder so I have redundancy, but I only want the non primary dns server(s) used when the first fails.  Not randomly picked.

Can you add a configuration option to make the forwarders processed in order instead of randomly?

Comment 1 Martin 2017-07-23 00:08:52 CEST
I also want to have many forwarders (say 20), but for sake of privacy.

By monitoring my UDP traffic, it seems that several servers are chosen in parallel.

Are you sure than only one server is randomly picked? 

What's the implemented randomization policy?
Comment 2 ChrisC 2017-07-23 00:21:21 CEST
Well its not random but rather fastest response I think, but to me that is not what I want.
Comment 3 Martin 2017-07-23 00:40:12 CEST
It correspond to what one reads on https://www.unbound.net/documentation/info_timeout.html

> "The fastest server (randomly picked within a so-called RTT band of 400 msec) is selected when a query has to be sent out" 

Also, in "doc/requirements.txt", there is the following, but I'm not sure it applies 

> The draft describes to back off to the next server, and go through all
> servers several times.  Unbound goes on get the full list of nameserver
> addresses, and then makes 3 * number of addresses queries.
> They are sent to a random server, but no one address more than 4 times.
> It succeeds if one has 0x20 intact, or else all are equal.
> Otherwise, servfail is returned to the client.

In both cases, we need to configure the upstream server choice policy, something like:

- backoff (current default?)
- strictorder (your case)
- random (my case)
- roundrobin (as the rotate option of resolv.conf)
Comment 4 Wouter Wijngaards 2017-07-25 16:38:07 CEST

These are interesting features, but server selection is very complicated as a topic.  Not sure if many people want this (and just adding options that will be very bad for the user, or nobody needs is not something I want to do).  So I am not really sure what to do here.

Best regards, Wouter