Maintained by: NLnet Labs

[Unbound-users] Can't resolve

Olafur Gudmundsson
Sat Feb 11 19:41:58 CET 2012

On 10/02/2012 08:54, W.C.A. Wijngaards wrote:
> Hash: SHA1
> Hi Stephane,
> On 02/10/2012 02:42 PM, Stephane Bortzmeyer wrote:
>> On Thu, Feb 09, 2012 at 08:29:42AM +0100,
>>   Attila Nagy<bra at>  wrote
>>   a message of 269 lines which said:
>>> It seems the problem is that facebook DNS servers time out on AAAA
>>> records, so unbound gets the false assumption that they are
>>> unavailable.
>> I would say "unbound gets the correct assumption that they are
>> out-of-order".
> An update to looking at unbound's code.  The log excerpt previously has
> some code-paths printed out that are impossible; from the code this
> output should not be possible.  That indicates trouble at compiletime;
> however, there is no resolution on this.
> Additionally, in unbound's svn trunk, there is a patch that unlinks A,
> AAAA, and other-type timeouts.  Thus if AAAA lookups timeout, then A
> lookups will still cause a query to be sent out.  (up to a small limit,
> enough to catch these cases as working, but very small for the qps to
> actual offline servers).

Given that the load-balancer in question in non DNS compliant why do 
extra work to work around the brokeness.
If enough resolvers say broken the load-balancer will get fixed.

	Olafur (who has been arguing this now for 10 years, and we still have 
broken load balancers because resolvers are too accomodating)