Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make VAL_MAX_RESTART_COUNT configurable. #486

Merged
merged 1 commit into from Jun 9, 2021

Conversation

fobser
Copy link
Contributor

@fobser fobser commented May 8, 2021

unbound tries very hard (up to 6 authoritative servers) to find a
validating answer. This is not always desirable, for example on high
latency links.

unbound tries very hard (up to 6 authoritative servers) to find a
validating answer. This is not always desirable, for example on high
latency links.
@fobser
Copy link
Contributor Author

fobser commented May 8, 2021

val-max-restart is a bit awkward, maybe val-max-retries or val-retries-max would be nicer.
For now I went with how the #define was named. Let me know what you think, I'm happy to rename the option.

I did not regenerate the lexer and parser, I don't have the right versions for flex and bison around and it should be a separate commit anyway I guess?

I've also checked what other resolvers are doing by asking for sigexpired.bad-dnssec.wb.sidnlabs.nl A
bind: similar to unbound, seems to do even more work
powerdns-recursor: gives up after encountering the DNSKEY with expired RRSIG. This is what unbound will do with val-max-restart: 0.
knot-recurser: gives up after encountering the expired RRSIG for A, doesn't bother with the DNSKEY.

@Habbie
Copy link

Habbie commented May 10, 2021

I like this!

@gthess gthess self-assigned this Jun 9, 2021
@gthess
Copy link
Member

gthess commented Jun 9, 2021

LGTM, thanks!
I'll generate the lexer and parser.

@gthess gthess merged commit 45be341 into NLnetLabs:master Jun 9, 2021
gthess added a commit that referenced this pull request Jun 9, 2021
- Generetated lexer and parser for #486; updated example.conf.
@fobser fobser deleted the val-max-restart branch August 16, 2021 09:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants