I am looking for a way to make unbound hold queries for the same address lookup when it is not cached. It should let only one query to be processed, after that answer cached it can reply other queries from that cache.
Is there such an option?
Asked
Active
Viewed 145 times
1
-
1Why do you need that? Because technically this is how a recursive resolver works by querying and caching. The only question is, from a cold start, what happens with two same queries right at the same time, if both are forwarded or if it behaves as you describe. Only studying the code can answer this but if I have to bet I would bet on second case. Yet, it remains why you need this specific property (what harm if 2 queries are sent outside during that window?) and why specifically for `unbound`? FWIW, `dnsdist` is a swiss-knife of advanced DNS needs, maybe it can do what you want. – Patrick Mevzek Dec 23 '21 at 23:33
-
@PatrickMevzek possible use case is when an app makes DNS requests with a very short timeout to a slow DNS server and immediately repeats requests if it didn't get an answer so it floods DNS servers with requests. Using `unbound` seems to be a natural approach to isolate such an app from the primary DNS servers. – AlexD Dec 24 '21 at 07:35
-
" possible use case is when an app makes DNS requests with a very short timeout to a slow DNS server and immediately repeats requests if it didn't get an answer so it floods DNS servers with requests. " 1) However that will happen just once at start, after which the results are cached 2) I didn't study unbound code but I suspect it is smart enough to detect that case and do the appropriate things (hold off multiple similar requests). That would be easy to test, just run it, monitor outgoing traffic and send 2 identical DNS queries to it at the same time. – Patrick Mevzek Dec 24 '21 at 15:33
-
@PatrickMevzek I am expecting very high query rate on this, unbound will stand against clients and isolate my auth dns servers. I know this is very edge case but in that case the number of queries won't be 2 or 200 in my environment, I will have many clients. I am going to test the way you suggested, thanks. – Çiçek Adam Dec 24 '21 at 20:34