Discussion:
Which timeouts are used by BIND when resolving recursive queries?
ip admin via bind-users
2018-10-05 14:13:24 UTC
Permalink
Hi,

I understand that I can configure a global timeout for resolving recursive
queries (resolver-query-timeout) but find that I cannot configure the
timeout for an individual query used during DNS resolution.

For testing I configured one unreachable forwarder (and enabled forward
only) and saw (tcpdump) that BIND (9.10.6-P1) is first trying two queries
with EDNS which each seems to have a timeout of 1.2s. Afterwards queries
without ENDS are sent which seem to have a timeout of 1.6s, then 3.2s, then
6.4s, then 9s, finally the maximum (=total) resolver-query-timeout of 30s
is reached.

Is the timeout behaviour documented anywhere (similar to a stub resolver
or dig, i.e. how long are timeouts, how many tries per server etc).

If someone did find a logging setting that shows which servers are used
when recursing (forwarding or delegations) to find a response (and when the
individual queries time out) that would be helpful as well.

Regards
Tom
Alberto Colosi
2018-10-05 15:12:42 UTC
Permalink
RFC say all

read RFC


BIND is a DNS system not an alien so follow RFC


Go and read RFC



________________________________
From: bind-users <bind-users-***@lists.isc.org> on behalf of ip admin via bind-users <bind-***@lists.isc.org>
Sent: Friday, October 5, 2018 4:13 PM
To: bind-***@lists.isc.org
Subject: Which timeouts are used by BIND when resolving recursive queries?

Hi,

I understand that I can configure a global timeout for resolving recursive queries (resolver-query-timeout) but find that I cannot configure the timeout for an individual query used during DNS resolution.

For testing I configured one unreachable forwarder (and enabled forward only) and saw (tcpdump) that BIND (9.10.6-P1) is first trying two queries with EDNS which each seems to have a timeout of 1.2s. Afterwards queries without ENDS are sent which seem to have a timeout of 1.6s, then 3.2s, then 6.4s, then 9s, finally the maximum (=total) resolver-query-timeout of 30s is reached.

Is the timeout behaviour documented anywhere (similar to a stub resolver or dig, i.e. how long are timeouts, how many tries per server etc).

If someone did find a logging setting that shows which servers are used when recursing (forwarding or delegations) to find a response (and when the individual queries time out) that would be helpful as well.

Regards
Tom
Warren Kumari
2018-10-07 16:25:36 UTC
Permalink
Post by Alberto Colosi
RFC say all
read RFC
BIND is a DNS system not an alien so follow RFC
No, BIND is an **implementation** of DNS software.

There is much in the RFCs that is subject to interpretation, or not
necessarily well defined. Things like preferred timeouts fall into this
category.

This answer is almost as helpful as Alberto's, but as far as I know, these
timeouts are not well defined, other than in the BIND source.

Here is some of what you are looking for:
http://users.isc.org/~each/doxygen/bind9/resolver_8c-source.html#l00143
and
http://users.isc.org/~each/doxygen/bind9/resolver_8c-source.html#l00178
and
http://users.isc.org/~each/doxygen/bind9/resolver_8c-source.html#l02083


and some of the defaults:
https://github.com/isc-projects/bind9/blob/fa03f941027cdcccc060613f773e63701b5baa77/bin/named/config.c




The ARM ("https://www.isc.org/downloads/bind/doc/bind-9-10/" ) has some
useful info too -- https://www.isc.org/downloads/bind/doc/bind-9-10/
Post by Alberto Colosi
Go and read RFC
Great. Please point at the RFC which specifies the base timeout and EDNS0
backoff.

W
Post by Alberto Colosi
------------------------------
*Sent:* Friday, October 5, 2018 4:13 PM
*Subject:* Which timeouts are used by BIND when resolving recursive
queries?
Hi,
I understand that I can configure a global timeout for resolving
recursive queries (resolver-query-timeout) but find that I cannot configure
the timeout for an individual query used during DNS resolution.
For testing I configured one unreachable forwarder (and enabled forward
only) and saw (tcpdump) that BIND (9.10.6-P1) is first trying two queries
with EDNS which each seems to have a timeout of 1.2s. Afterwards queries
without ENDS are sent which seem to have a timeout of 1.6s, then 3.2s, then
6.4s, then 9s, finally the maximum (=total) resolver-query-timeout of 30s
is reached.
Is the timeout behaviour documented anywhere (similar to a stub resolver
or dig, i.e. how long are timeouts, how many tries per server etc).
If someone did find a logging setting that shows which servers are used
when recursing (forwarding or delegations) to find a response (and when the
individual queries time out) that would be helpful as well.
Regards
Tom
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
https://lists.isc.org/mailman/listinfo/bind-users
--
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
---maf
Loading...