[Unbound-users] timeout problemes with microsoft dns'

lst_hoe02 at
Wed May 16 18:31:20 CEST 2012

Zitat von Klaus Ethgen <klaus+usenet at>:

> Hello,
> I have a strange problem which I have no clou how to solve it at the
> moment.
> I am using unbound as nameserver for a mail solution (exim). This works
> well in the most cases. But with several domains such as I
> get random resolving problems that ends with a negative answer in cache
> so the subsequent queries also give negative answer. I have to flush the
> whole cache to get the domain resolved after such a failure.
> The only common between the domains I have problems with is that they
> seems to use mikkysoft DNS solutions. They seems to answer sometimes to
> slow to queries. I still increase the jostle-timeout as this seems to be
> the only parameter I can tune to handle this problem. But there are
> still resolving problems with that hand full of domains.
> Has anybody an idea what to do? As is not that uncommon it
> is not a problem I can ignore.

Double check that you are able to receive DNS packets >512Byte either  
with EDNS or TCP. Have a look at this test:

There are no specific problem known about Unbound and MS-DNS Servers,  
but the problems with DNS packets bigger 512 Bytes still raise and  
will get worse with DNSSEC.