Maintained by: NLnet Labs

[Unbound-users] timeout problemes with microsoft dns'

lst_hoe02 at kwsoft.de
Wed May 16 18:31:20 CEST 2012


Zitat von Klaus Ethgen <klaus+usenet at ethgen.de>:

> Hello,
>
> I have a strange problem which I have no clou how to solve it at the
> moment.
>
> I am using unbound as nameserver for a mail solution (exim). This works
> well in the most cases. But with several domains such as hotmail.com I
> get random resolving problems that ends with a negative answer in cache
> so the subsequent queries also give negative answer. I have to flush the
> whole cache to get the domain resolved after such a failure.
>
> The only common between the domains I have problems with is that they
> seems to use mikkysoft DNS solutions. They seems to answer sometimes to
> slow to queries. I still increase the jostle-timeout as this seems to be
> the only parameter I can tune to handle this problem. But there are
> still resolving problems with that hand full of domains.
>
> Has anybody an idea what to do? As hotmail.com is not that uncommon it
> is not a problem I can ignore.

Double check that you are able to receive DNS packets >512Byte either  
with EDNS or TCP. Have a look at this test:  
https://www.dns-oarc.net/oarc/services/replysizetest

There are no specific problem known about Unbound and MS-DNS Servers,  
but the problems with DNS packets bigger 512 Bytes still raise and  
will get worse with DNSSEC.

Regards

Andreas