Bugzilla – Bug 762
please add strict order feature for forwarders
Last modified: 2017-07-25 16:38:07 CEST
I want to add more than one forwarder so I have redundancy, but I only want the non-primary DNS server(s) used when the first fails. Not randomly picked.
Can you add a configuration option to make the forwarders processed in order instead of randomly?
I also want to have many forwarders (say 20), but for the sake of privacy.
By monitoring my UDP traffic, it seems that several servers are chosen in parallel.
Are you sure that only one server is randomly picked?
What's the implemented randomization policy?
Well, it's not random but rather fastest response, I think, but to me that is not what I want.
It corresponds to what one reads on https://www.unbound.net/documentation/info_timeout.html
> "The fastest server (randomly picked within a so-called RTT band of 400 msec) is selected when a query has to be sent out"
Also, in "doc/requirements.txt", there is the following, but I'm not sure it applies:
> The draft describes to back off to the next server, and go through all
> servers several times. Unbound goes on get the full list of nameserver
> addresses, and then makes 3 * number of addresses queries.
> They are sent to a random server, but no one address more than 4 times.
> It succeeds if one has 0x20 intact, or else all are equal.
> Otherwise, servfail is returned to the client.
In both cases, we need to configure the upstream server choice policy, something like:
- backoff (current default?)
- strictorder (your case)
- random (my case)
- roundrobin (as the rotate option of resolv.conf)
These are interesting features, but server selection is very complicated as a topic. Not sure if many people want this (and just adding options that will be very bad for the user, or that nobody needs, is not something I want to do). So I am not really sure what to do here.
Best regards, Wouter
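
The selection policies discussed in this thread, sketched as an added example (not part of the bug report and not Unbound's code) to show how each one changes which upstream servers see a client's queries. The RTT-band function follows only the sentence quoted from info_timeout.html; the function names, the `exposure` helper, the addresses and the RTT values are constructed for illustration.

```python
import random
from itertools import count

BAND_MS = 400  # RTT band width, from the info_timeout.html sentence quoted above

def rtt_band(servers, rng):
    """Pick randomly among live servers within BAND_MS of the fastest RTT."""
    alive = [s for s in servers if s["up"]]
    best = min(s["rtt"] for s in alive)
    return rng.choice([s for s in alive if s["rtt"] <= best + BAND_MS])["addr"]

def strict_order(servers, rng):
    """Always use the first listed server that is up (failover only)."""
    return next(s["addr"] for s in servers if s["up"])

def uniform_random(servers, rng):
    """Spread queries over every live server, regardless of RTT."""
    return rng.choice([s for s in servers if s["up"]])["addr"]

def make_round_robin():
    """Rotate through live servers, like the resolv.conf 'rotate' option."""
    counter = count()
    def pick(servers, rng):
        alive = [s for s in servers if s["up"]]
        return alive[next(counter) % len(alive)]["addr"]
    return pick

def exposure(policy, servers, queries=1000, seed=1):
    """Return {addr: query count}, i.e. which upstreams observe the traffic."""
    rng = random.Random(seed)
    seen = {}
    for _ in range(queries):
        addr = policy(servers, rng)
        seen[addr] = seen.get(addr, 0) + 1
    return seen

# Constructed sample forwarders (documentation addresses, made-up RTTs in ms).
SERVERS = [
    {"addr": "192.0.2.1", "rtt": 20, "up": True},
    {"addr": "192.0.2.2", "rtt": 150, "up": True},
    {"addr": "192.0.2.3", "rtt": 900, "up": True},
]

if __name__ == "__main__":
    for name, p in [("rtt_band", rtt_band), ("strict_order", strict_order),
                    ("random", uniform_random), ("roundrobin", make_round_robin())]:
        print(name, exposure(p, SERVERS))
```

With these sample values, strict order confines all queries to one upstream until it fails, the RTT band spreads them over the two fast servers only, and random or round-robin exposes queries to every configured forwarder.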