What is the selection order of forward-first NSs? sequential? random? IPv6 before/after IPv4?

On my server, I config

  cat /etc/resolv.conf
    nameserver 127.0.0.1

, where unbound 1.13.1 listens @

  server:
    interface: 127.0.0.1@53

if I set up forward-first in unbound config,

  forward-zone:
    name: "."
      forward-first: yes
      forward-addr: <server.1.ipv.6>
      forward-addr: <server.1.ipv.4>
      ...
      forward-addr: <server.n.ipv.6>
      forward-addr: <server.n.ipv.4>

what's the order policy for those forward-addr's?

Is the forward-addr used randomly, or sequentially, selected from that list?

Is there any unbound preference for IPv4 vs IPv6 forward-addrs?
Does the preference respect /etc/gai.conf?

Hi pgnet(?),

I think you posted on the wrong mailing list :)
I'll reply here and include unbound-users also.

If you want to reply further please drop nsd-users and let us continue the discussion only on the unbound-users mailing list as to not generate noise here.

On my server, I config

  cat /etc/resolv.conf
    nameserver 127.0.0.1

, where unbound 1.13.1 listens @

  server:
    interface: 127.0.0.1@53

if I set up forward-first in unbound config,

  forward-zone:
    name: "."
      forward-first: yes
      forward-addr: <server.1.ipv.6>
      forward-addr: <server.1.ipv.4>
      ...
      forward-addr: <server.n.ipv.6>
      forward-addr: <server.n.ipv.4>

what's the order policy for those forward-addr's?

Is the forward-addr used randomly, or sequentially, selected from that list?

Randomly between the fastest servers (in the <400ms band). Unbound will keep probing the other servers to keep updated metrics for them in case they become fast enough (<400ms). You can read more about it at https://www.nlnetlabs.nl/documentation/unbound/info-timeout/.

Is there any unbound preference for IPv4 vs IPv6 forward-addrs?

There are the 'prefer-ip4:' and 'prefer-ip6:' options if you want to do that.

Does the preference respect /etc/gai.conf?

No.

Best regards,
-- George

I think you posted on the wrong mailing list :)

oops! yep.

I'll reply here and include unbound-users also.
If you want to reply further please drop nsd-users and let us continue the discussion only on the unbound-users mailing list as to not generate noise here.

thx.

On my server, I config
what's the order policy for those forward-addr's?

Is the forward-addr used randomly, or sequentially, selected from that list?

Randomly between the fastest servers (in the <400ms band). Unbound will keep probing the other servers to keep updated metrics for them in case they become fast enough (<400ms). You can read more about it at https://www.nlnetlabs.nl/documentation/unbound/info-timeout/.

Is there any unbound preference for IPv4 vs IPv6 forward-addrs?

There are the 'prefer-ip4:' and 'prefer-ip6:' options if you want to do that.

in the case of

     do-ip4: yes
     do-ip6: yes
     prefer-ip4: no
     prefer-ip6: yes

iiuc, then, it's strictly a preference, and _will_ fallback to the ip4 if ip6 'pref' fails ?

Reading for 'prefer-ip4',

" Useful if the IPv6 netblock the server has, the entire /64 of that is not owned by one operator and the reputation of the netblock /64 is an issue, using IPv4 then uses the IPv4 filters that the upstream servers have."

tbh I've no sense for the magnitude of that issue.

I'd guess it's a non-zero-sized problem. But generally _worth_ setting a preference?

Are the settings' defaults (prefer-ipX = no) chosen as typically *recommended* -- vs simplest config -- values?

Does the preference respect /etc/gai.conf?

No.

thx o/

Hi,

I think you posted on the wrong mailing list :)

oops! yep.

I'll reply here and include unbound-users also.
If you want to reply further please drop nsd-users and let us continue the discussion only on the unbound-users mailing list as to not generate noise here.

thx.

On my server, I config
what's the order policy for those forward-addr's?

Is the forward-addr used randomly, or sequentially, selected from that list?

Randomly between the fastest servers (in the <400ms band). Unbound will keep probing the other servers to keep updated metrics for them in case they become fast enough (<400ms). You can read more about it at https://www.nlnetlabs.nl/documentation/unbound/info-timeout/.

Is there any unbound preference for IPv4 vs IPv6 forward-addrs?

There are the 'prefer-ip4:' and 'prefer-ip6:' options if you want to do that.

in the case of

     do-ip4: yes
     do-ip6: yes
     prefer-ip4: no
     prefer-ip6: yes

iiuc, then, it's strictly a preference, and _will_ fallback to the ip4 if ip6 'pref' fails ?

Yes.

Reading for 'prefer-ip4',

" Useful if the IPv6 netblock the server has, the entire /64 of that is not owned by one operator and the reputation of the netblock /64 is an issue, using IPv4 then uses the IPv4 filters that the upstream servers have."

tbh I've no sense for the magnitude of that issue.

I'd guess it's a non-zero-sized problem. But generally _worth_ setting a preference?

Only if you need to i.e., you know that one of the two address family is preferable in your network.

Another case would be that your outgoing IPv6 interface has a considerable network segment and by preferring IPv6 you use all those addresses to send out queries which results in more randomized queries for UDP communication. You can check the man page for 'outgoing-interface:' for more information.

Are the settings' defaults (prefer-ipX = no) chosen as typically *recommended* -- vs simplest config -- values?

They are chosen as to not have any preference by default.

Best regards,
-- George
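
The selection behaviour described in this thread, as a simplified model in Python (an added example, not part of the thread and not Unbound's own code): a random pick among the servers in the 400 ms band, with `prefer-ip6`/`prefer-ip4` acting as a soft preference that falls back to the other family. It assumes the band is measured from the fastest responsive server, marks an unresponsive server with `None`, and does not model the background probing of slower servers; the function names and the documentation-range addresses are constructed for illustration.

```python
import random
from collections import Counter
from ipaddress import ip_address

RTT_BAND_MS = 400  # band width quoted in the reply above

# Constructed sample: smoothed RTT in ms per forward-addr, None = unresponsive.
SAMPLE = {
    "2001:db8::1": 20,
    "192.0.2.1": 35,
    "2001:db8::2": 900,   # too slow, falls outside the band
    "192.0.2.2": 150,
}

def candidates(servers, prefer=None):
    """Return the addresses eligible for the next query.

    prefer is None (no preference), 4 or 6. Configuration order of the
    forward-addr lines plays no role in this model.
    """
    usable = {a: r for a, r in servers.items() if r is not None}
    if not usable:
        return []
    fastest = min(usable.values())
    band = [a for a, r in usable.items() if r - fastest <= RTT_BAND_MS]
    if prefer in (4, 6):
        preferred = [a for a in band if ip_address(a).version == prefer]
        if preferred:          # soft preference: only applied when it
            return sorted(preferred)  # leaves at least one server
    return sorted(band)

def pick(servers, prefer=None, rng=random):
    """Choose one upstream at random from the eligible set."""
    pool = candidates(servers, prefer)
    return rng.choice(pool) if pool else None

def distribution(servers, prefer=None, queries=10000, seed=1):
    """Count how many of `queries` simulated lookups go to each upstream."""
    rng = random.Random(seed)
    return Counter(pick(servers, prefer, rng) for _ in range(queries))

if __name__ == "__main__":
    print("no preference:", dict(distribution(SAMPLE)))
    print("prefer-ip6   :", dict(distribution(SAMPLE, prefer=6)))
    v6_down = {a: (None if ":" in a else r) for a, r in SAMPLE.items()}
    print("ip6 all down :", dict(distribution(v6_down, prefer=6)))
```
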