DNS Resolver Forwarding Mode Question
I have a quick question on how the Unbound DNS Resolver behaves in forwarding mode with a few different forwarding DNS servers.
For my question assume the following hypothetical setup:
- Unbound DNS Resolver enabled in forwarding mode.
- DNS Servers used: 220.127.116.11, 18.104.22.168, 22.214.171.124 (i.e. a DNS server from each of three different services).
My question is related to how the forwarding query works if the results from each of the servers is not the same:
From what I understand, if DNS information is not already in the cache, unbound sends a DNS request to each of the forwarding servers and then uses the result from the DNS server that returned it the fastest. Does the DNS resolver look at all the results at all to see which result is most geographically close? For instance, what if the result from server A is geographically closer (lower RTT), but server A responded 1ms slower than server B, which returned a result with higher RTT? I would assume that server B's answer is still used despite being a higher RTT.
Is this just a caveat of using multiple DNS forwarding servers from different services? Or am I misunderstanding how things work?
Thanks in advance for your insight, I really appreciate it.
Curious if any of the DNS gurus might have an idea on this - @johnpoz? Thanks again for your help and insight.
if the results from each of the servers is not the same:
How would that be? But its going to use the first answer it gets..
And no unbound doesn't work like that - dnsmasq does that! it sends to all of them at once and first answer wins - unless you setup sequential query. Unbound AFAIK can not do all at same time, its always sequential... Again going to say that unless you have specific reason - forwarding sucks compared to resolving all the way around!!!
Hi @johnpoz - so I had a situation where I was testing a DNS over TLS setup with these 4 servers:
One example that was interesting is that pinging say, www.google.com, sometimes I could get a Google server located in NYC and sometimes in Atlanta. Geographically speaking, the former is closer to me, and the RTT difference is almost 20ms. Not a lot, I grant you, but enough to make curious minds want to know :). When I removed the last two DNS servers (and only use Cloudflare's), the result given to me now consistently comes from NYC. The only explanation I could come up with at the time was that the servers from different DNS services were giving me different results and sometimes Cloudflare's servers would be faster and sometimes Quad9's.
Is there a flaw in my thinking, or is it actually possible to get different results in a case like e.g. google which has a huge amount of server nodes all over the planet?