On 3/15/20 9:53 PM, Stuart Henderson wrote:
On 2020/03/15 19:05, Renaud Allard wrote:On 15/03/2020 17:36, Stuart Henderson wrote:Lots of churn again.. most of the new + are related to the new rpz and serve-stale support. I've been running it for a few days with my usual setup with no problems, haven't tried the new things yet. Anyone want to test?I have had a lot of stalling issues with unbound 1.9.4 being a DoT server. It went better with 1.9.6, but there are still stalling issues. I am now trying your patch on 6.6-stable to see if it solves the stalling issues.I would be interested to know if it helps, but I don't think all that much has changed for DoT in this release so I think it's unlikely. Honestly I would just put dnsdist in front if you want good DoT (or DoH) service, it is solid.
After some days of testing I didn't see any real problem with that diff. It's working as expected.
Also, I found out that putting "so-reuseport: no" completely stops all the stalling problems I had with unbound as a DoT server. It might be a good idea to mention somewhere that in case of problems with TCP connections, putting that option seems to solve all the TCP stalling.
smime.p7s
Description: S/MIME Cryptographic Signature
