impact of qname minimization with Unbound as forwarder

Sohka · October 22, 2025, 9:42am

Hi,

I would like to configure Unbound as a DNS forwarder with Quad9 as the
upstream recursive resolver.

I read in their best practices document that the qname-minimization
option should be disabled as it significantly reduces performance.
https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#__tabbed_3_3

Is this correct? I thought that when used only as a forwarder, qname-
minimization had no impact on how Unbound works. That's what I
understood, reading this presentation
https://www.nlnetlabs.nl/downloads/presentations/unbound_qnamemin_oarc24.pdf
(page 22).

Kind regards,
sohka

A_Schulze · October 22, 2025, 10:07am

Sohka via Unbound-users:

I would like to configure Unbound as a DNS forwarder with Quad9 as the
upstream recursive resolver.

I read in their best practices document that the qname-minimization
option should be disabled as it significantly reduces performance.
https://docs.quad9.net/Quad9_For_Organizations/DNS_Forwarder_Best_Practices/#__tabbed_3_3

Hello,

well, qname-minimization limit "root's" knowlege that a client is interestes in foobar.mumble.example.org.
because the root nameserver can only answer "ask .org".
But if you forward any queries to one destination anyway, I see no value for qname-minimization.
So, yes quad9's suggestion sounds right to me.

Andreas

Fred_Morris · October 22, 2025, 4:51pm

Concur. Presumably the forwarded query is sent with RD, expecting the upstream to perform recursion. qname-minimization doesn't really apply.