serve-expired seems to break flush_zone

W.C.A. Wijngaards wouter at nlnetlabs.nl
Fri Apr 6 06:47:53 UTC 2018


Hi Marc,

On 04/04/18 20:29, Marc Branchaud via Unbound-users wrote:
> Hi all,
> 
> I have a simple forward-everything setup with serve-expired enabled:
> 
>     server:
>         serve-expired: yes
>     forward-zone:
>         name: .
>         forward-addr: X.X.X.X
> 
> If I use "flush_zone ." to clear the cache, I still get cache hits for
> supposedly-absent entries (dump_cache shows that the cache is empty).
> 
> When I turn serve-expired off, "flush_zone ." results in cache misses
> for flushed entries.
> 
> With serve-expired on, I can only seem to force a cache miss by
> explicitly flushing a name (e.g. "flush google.com").  I really want to
> clear the entire cache, though.
> 
> Is this an intended effect of serve-expired, or is it a bug?

Right now this is the design of flush-zone, it iterates over the cache
contents.  And it sets every element of the flushed zone to the expired
state.  I couldn't really delete the element at that time, because the
iterator would become invalid.

I could however, set other flags or things to the expired data.  Eg
SERVFAIL.  But then the customer receives servfail and the prefetch
happens, instead of the customer receiving the old data and a prefetch
happens, which is what there is now.

Best regards, Wouter

> 
> Thanks!
> 
>         M.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20180406/ed49fe5f/attachment.bin>


More information about the Unbound-users mailing list