Open alpominth opened 1 year ago
There is already an option prefetch: yes
. This also performs cache prefetching.
It has been in the software release for a while now, and turning it on should work fine. If you have DNSSEC enabled, with a trust anchor, then the option prefetch-key: yes
can be used to prefetch DNSKEY lookups. This speeds up the DNSSEC validation by fetching the DNSSEC key material while the iterative resolution is still in progress.
@wcawijngaards
I know, but the options I suggested would complement this feature in Unbound.
Thanks.
@wcawijngaards
I reformuled this topic and I'm opening again, if you find this idea irrelevant, close this.
Thanks.
This is just seems like expected prefetch operation, but with extra steps for no immediately obvious reason.
If there's a record in cache that's about to expire, and prefetch is enabled, the record will be prefetched.
This would only really fall over if you're modifying cache TTL to a ridiculous degree, and in turn never actually seeing prefetch because you're holding records live for weeks/months (I noticed you doing this with client facing TTL and have no immediate reason to believe you're not doing so with primary cache TTL also).
@saint-lascivious
The reason would be keeping frequently accessed hostnames updated.
This would only really fall over if you're modifying cache TTL to a ridiculous degree
Good idea. Well, I will change my configuration according to your tip.
I have been using Unbound and Blocky in production.
PS: You said in another topic that your English is not that good, but in my opinion, it is very very good. =)
The reason would be keeping frequently accessed hostnames updated.
The basic idea with TTL in general is that it should be shorter than the expected update period of a given record, which depending on the situation can vary pretty dramatically from seconds to weeks, with no one-size-fits-all value.
There is an option in Unbound for cache prefetching, but it would be a good idea if not only recorded queries that about to expire are updated, but also often queried hostnames were preteteched and updated in the cache.
This feature would be very useful, Unbound could preload DNS results for often used queries for keeping the cache updated.
It could be:
/\ Unbound would prefetch the cached DNS answer if 5 hits of same domain are served from the cache in a period of 2 hours (7200 seconds).
cache-prefetch-expires is the prefetch track time window, and cache-prefetch-threshold the name queries threshold for prefetch.