    DNS Resolver Forwarding Mode Question

      tman222

      Hi all,

      I have a quick question on how the Unbound DNS Resolver behaves in forwarding mode with a few different forwarding DNS servers.

      For my question assume the following hypothetical setup:

      1. Unbound DNS Resolver enabled in forwarding mode.
      2. DNS Servers used: 1.1.1.1, 9.9.9.9, 8.8.8.8 (i.e. a DNS server from each of three different services).

      My question is related to how the forwarding query works if the results from each of the servers are not the same:

      From what I understand, if DNS information is not already in the cache, unbound sends a DNS request to each of the forwarding servers and then uses the result from the DNS server that returned it the fastest. Does the DNS resolver look at all the results at all to see which result is most geographically close? For instance, what if the result from server A is geographically closer (lower RTT), but server A responded 1ms slower than server B, which returned a result with higher RTT? I would assume that server B's answer is still used despite being a higher RTT.

      Is this just a caveat of using multiple DNS forwarding servers from different services? Or am I misunderstanding how things work?

      Thanks in advance for your insight, I really appreciate it.

        tman222

        Curious if any of the DNS gurus might have an idea on this - @johnpoz? Thanks again for your help and insight.

          johnpoz LAYER 8 Global Moderator @tman222

          @tman222 said in DNS Resolver Forwarding Mode Question:

          if the results from each of the servers are not the same:

          How would that be? But it's going to use the first answer it gets..

          And no, Unbound doesn't work like that - dnsmasq does that! It sends to all of them at once and first answer wins - unless you set up sequential query. Unbound AFAIK cannot do all at same time, it's always sequential... Again going to say that unless you have specific reason - forwarding sucks compared to resolving all the way around!!!

            tman222

            Hi @johnpoz - so I had a situation where I was testing a DNS over TLS setup with these 4 servers:

            1.1.1.1
            1.0.0.1
            9.9.9.9
            149.112.112.112

            One example that was interesting is that when pinging, say, www.google.com, sometimes I could get a Google server located in NYC and sometimes in Atlanta. Geographically speaking, the former is closer to me, and the RTT difference is almost 20ms. Not a lot, I grant you, but enough to make curious minds want to know :). When I removed the last two DNS servers (and only used Cloudflare's), the result given to me now consistently comes from NYC. The only explanation I could come up with at the time was that the servers from different DNS services were giving me different results and sometimes Cloudflare's servers would be faster and sometimes Quad9's.

            Is there a flaw in my thinking, or is it actually possible to get different results in a case like e.g. Google, which has a huge number of server nodes all over the planet?

            Thanks again.
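
Added example (not part of the original thread, and not pfSense or Unbound code): one way to check whether the forwarders listed in the last post hand back different A records for the same name. It parses raw DNS responses and groups forwarders by answer set; the response bytes and the 192.0.2.x / 198.51.100.x addresses are constructed samples, and `ask()` assumes plain UDP port 53 rather than the DNS over TLS path used in the post.

```python
import socket, struct

def build_query(name, qid=0x1234):
    """Wire-format query for the A record of `name`, recursion desired."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.rstrip(".").split("."))
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x00\x01\x00\x01"

def skip_name(msg, off):
    """Offset just past a name; a compression pointer ends the name."""
    while msg[off] and msg[off] < 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def a_records(msg):
    """Sorted IPv4 addresses from the answer section of a response."""
    qd, an = struct.unpack(">HH", msg[4:8])
    off, ips = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4              # skip QTYPE and QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:              # A record; CNAME records are skipped
            ips.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return sorted(ips)

def ask(server, name, timeout=2.0):
    """Live lookup over plain UDP/53 (assumption: not the DoT path); needs network."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return a_records(s.recv(4096))

def group_by_answer(results):
    """Map each distinct answer set to the forwarders that returned it."""
    groups = {}
    for server, ips in results.items():
        groups.setdefault(tuple(ips), []).append(server)
    return groups

def constructed_response(name, ip):  # constructed sample: query echoed back plus one A record
    msg = bytearray(build_query(name))
    msg[2:4], msg[6:8] = b"\x81\x80", b"\x00\x01"  # QR+RD+RA flags, ANCOUNT = 1
    return bytes(msg) + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 60, 4) + socket.inet_aton(ip)

if __name__ == "__main__":  # offline demo; use ask(server, name) instead for a live check
    sample = {"1.1.1.1": "192.0.2.10", "1.0.0.1": "192.0.2.10", "9.9.9.9": "198.51.100.20"}
    results = {s: a_records(constructed_response("www.google.com", ip)) for s, ip in sample.items()}
    print(group_by_answer(results))
```

More than one group in the output means the forwarders disagree on the answer for that name at that moment.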
