Hi Wouter, Thanks - I have tried your patch and I get the MX records when used with unbound-host. However unbound doesnt seem to be returning these MX records when I use dig/other DNS lookup tools:
# dig mx bidmc.harvard.edu @localhost ; <<>> DiG 9.3.3rc2 <<>> mx bidmc.harvard.edu @localhost ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 65 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;bidmc.harvard.edu. IN MX ;; Query time: 3653 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Jun 26 14:53:41 2009 ;; MSG SIZE rcvd: 35 Thanks again, Jakub 2009/6/26 W.C.A. Wijngaards <[email protected]>: > Hi Jakub, > > Here is a patch that solves your problem, I'll look into a more permanent > fix. > > The trouble is that unbound assumed, that once an EDNS answer is received, > then, the path actually works for bufsize=4k answers. The patch makes it > reprobe once an answer starts to lag. > > Thanks for the bugreport! > > (With that patch, unbound-host bidmc.harvard.edu produces the MX records > after 10 seconds.) > > Best regards, > Wouter > > > Index: services/outside_network.c > =================================================================== > --- services/outside_network.c (revision 1683) > +++ services/outside_network.c (working copy) > @@ -1234,7 +1234,7 @@ > &edns_lame_known, &rtt)) > return 0; > if(sq->status == serviced_initial) { > - if(edns_lame_known == 0 && rtt > 5000) { > + if(edns_lame_known == 0 && rtt > 5000 && rtt < 10001) { > /* perform EDNS lame probe - check if server is > * EDNS lame (EDNS queries to it are dropped) */ > verbose(VERB_ALGO, "serviced query: send probe to see > " > @@ -1516,10 +1516,12 @@ > } else if(sq->status == serviced_query_UDP_EDNS && > !sq->edns_lame_known) { > /* now we know that edns queries received answers store that > */ > + /* > if(!infra_edns_update(outnet->infra, &sq->addr, sq->addrlen, > 0, (uint32_t)now.tv_sec)) { > log_err("Out of memory caching edns works"); > } > + */ > sq->edns_lame_known = 1; > } > if(now.tv_sec > sq->last_sent_time.tv_sec || > > > On 06/26/2009 01:40 PM, Jakub Heichman wrote: >> >> Hello, >> >> I'm using unbound 1.3.0 and am unable to resolve MX record for (for >> example) bidmc.harvard.edu. >> I'm guessing that somewhere on the other side there might be a problem >> supporting DNS in UDP packets bigger that 512 bytes >> >> Asking the source: >> >> # dig +bufsize=513 mx bidmc.harvard.edu @134.174.104.11 >> >> ;<<>> DiG 9.2.4<<>> +bufsize=513 mx bidmc.harvard.edu @134.174.104.11 >> ; (1 server found) >> ;; global options: printcmd >> ;; connection timed out; no servers could be reached >> >> >> # dig +bufsize=512 mx bidmc.harvard.edu @134.174.104.11 >> >> ;<<>> DiG 9.2.4<<>> +bufsize=512 mx bidmc.harvard.edu @134.174.104.11 >> ; (1 server found) >> ;; global options: printcmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30368 >> ;; flags: qr aa rd; QUERY: 1, ANSWER: 9, AUTHORITY: 2, ADDITIONAL: 10 >> >> ;; OPT PSEUDOSECTION: >> ; EDNS: version: 0, flags:; udp: 4096 >> ;; QUESTION SECTION: >> ;bidmc.harvard.edu. IN MX >> >> ;; ANSWER SECTION: >> bidmc.harvard.edu. 3600 IN MX 5 >> rattlesnake2.caregroup.org. >> [strip] >> >> However, from what I understood, in this case unbound would send a >> probe query with a sub-second timeout to see if the server responds >> without EDNS. >> Does the timeout apply to response time from the target nameserver, or >> the whole recursion time (which in my case takes more that a second)? >> >> Direct from source: >> # dig mx bidmc.harvard.edu @134.174.104.11 | grep time >> ;; Query time: 297 msec >> >> Recursion time from local Bind instance (on port 5300) >> # dig mx bidmc.harvard.edu @localhost -p5300 | grep time >> ;; Query time: 2241 msec >> >> Recursion from unbound: >> # dig mx bidmc.harvard.edu @localhost >> [..] >> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 63565 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 >> >> Thanks very much, >> > > -- Kuba Heichman _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
