Is there a way to configure within Unbound a backup resolver for all queries that take over 5 seconds, for example?
Aka, I’d like to forward to 8.8.8.8 all queries that I can’t resolve for whatever reason: network issues, firewalls, etc.
For example: dig +trace 77.184.100.61.in-addr.arpa
This sometimes takes 10 seconds to resolve, other times it times out completely but 8.8.8.8 can return an answer within 1 second.
I also don’t want to implement a per-host/network/domain solution, I just want to forward all queries that take longer than 5 seconds.
Is it possible, or is there an alternative?
Thank you
Sorry that this isn’t actually an answer, but does it matter? What client has a 5s timeout before the client moves on to its own next resolver?
Some apps have even longer and don’t even try a backup resolver.
How about pointing unbound to a local dnsmasq instance, configured to use parallel upstreams?
https://serverfault.com/questions/732920/how-to-do-parallel-queries-to-the-upstream-dns-using-unbound
If you don’t need some specific feature of unbound, you could just use dnsmasq by itself.
With dnsdist you can use a pool of resolvers in the background and set several options. Like:
setUDPTimeout(num)
Set the maximum time dnsdist will wait for a response from a backend over UDP, in seconds. Defaults to 2.
See https://dnsdist.org/
Br,