Bind9, избегая servfail/ повторного запроса, когда в "только вперед" на ненадежном соединении

Question

Я понимаю, что это может звучать как плохая идея, однако ...

При использовании очень ненадежного восходящего канала в шлюзе с bind9. Можно ли настроить bind9, чтобы агрессивно повторять свои запросы к серверам пересылки в восходящем направлении в режиме "только вперед"? В результате избегать "servfail" до очень "длительного" времени, например 2 минуты, вместо немедленного получения его по неудавшемуся запросу.

Это означает, что я также должен был бы принудительно заставить bind непрерывно отправлять свои запросы, даже если сервер пересылки недоступен / недоступен.

Вот пример выборки для www.google.com, которая немедленно получает servfail, который я хотел бы отложить:

28-Feb-2019 11:20:37.148 client @0x7fa92059d9e0: udprecv
28-Feb-2019 11:20:40.457 client 10.7.64.100#24254: UDP request
28-Feb-2019 11:20:40.457 client 10.7.64.100#24254: view clients: using view 'clients'
28-Feb-2019 11:20:40.457 client 10.7.64.100#24254: view clients: request is not signed
28-Feb-2019 11:20:40.457 client 10.7.64.100#24254: view clients: recursion available
28-Feb-2019 11:20:40.457 client 10.7.64.100#24254: view clients: query
28-Feb-2019 11:20:40.457 client 10.7.64.100#24254: view clients: query (cache) 'www.google.se/A/IN' approved
28-Feb-2019 11:20:40.457 client 10.7.64.100#24254: view clients: replace
28-Feb-2019 11:20:40.457 clientmgr @0x7fa91f240760: createclients
28-Feb-2019 11:20:40.457 clientmgr @0x7fa91f240760: create new
28-Feb-2019 11:20:40.458 client @0x7fa9205d6230: create
28-Feb-2019 11:20:40.458 createfetch: www.google.se A
28-Feb-2019 11:20:40.458 client @0x7fa9205d6230: udprecv
28-Feb-2019 11:20:40.458 fctx 0x7fa91821e010(www.google.se/A'): create
28-Feb-2019 11:20:40.458 fctx 0x7fa91821e010(www.google.se/A'): join
28-Feb-2019 11:20:40.458 fetch 0x7fa918714000 (fctx 0x7fa91821e010(www.google.se/A)): created
28-Feb-2019 11:20:40.458 fctx 0x7fa91821e010(www.google.se/A'): start
28-Feb-2019 11:20:40.458 fctx 0x7fa91821e010(www.google.se/A'): try
28-Feb-2019 11:20:40.458 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.458 fctx 0x7fa91821e010(www.google.se/A'): getaddresses
28-Feb-2019 11:20:40.458 fctx 0x7fa91821e010(www.google.se/A'): query
28-Feb-2019 11:20:40.458 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): send
28-Feb-2019 11:20:40.459 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): sent
28-Feb-2019 11:20:40.459 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): udpconnected
28-Feb-2019 11:20:40.459 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): senddone
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): add_bad
28-Feb-2019 11:20:40.459 error (host unreachable) resolving 'www.google.se/A/IN': 8.8.8.8#53
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): cancelquery
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): try
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): query
28-Feb-2019 11:20:40.459 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): send
28-Feb-2019 11:20:40.459 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): sent
28-Feb-2019 11:20:40.459 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): udpconnected
28-Feb-2019 11:20:40.459 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): senddone
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): add_bad
28-Feb-2019 11:20:40.459 error (host unreachable) resolving 'www.google.se/A/IN': 8.8.4.4#53
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): cancelquery
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): try
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): getaddresses
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): no addresses
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): done
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): stopeverything
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.459 fctx 0x7fa91821e010(www.google.se/A'): sendevents
28-Feb-2019 11:20:40.459 client 10.7.64.100#24254: view clients: query failed (SERVFAIL) for www.google.se/IN/A at query.c:7002
28-Feb-2019 11:20:40.459 client 10.7.64.100#24254: view clients: error
28-Feb-2019 11:20:40.459 client 10.7.64.100#24254: view clients: send
28-Feb-2019 11:20:40.459 client 10.7.64.100#24254: view clients: sendto
28-Feb-2019 11:20:40.460 client 10.7.64.100#24254: view clients: senddone
28-Feb-2019 11:20:40.460 client 10.7.64.100#24254: view clients: next
28-Feb-2019 11:20:40.460 client 10.7.64.100#24254: view clients: endrequest
28-Feb-2019 11:20:40.460 fetch completed at resolver.c:3098 for www.google.se/A in 0.001312: failure/success [domain:.,referral:0,restart:2,qrysent:2,timeout:0,lame:0,neterr:2,badresp:0,adberr:0,findfail:0,valfail:0]
28-Feb-2019 11:20:40.460 fetch 0x7fa918714000 (fctx 0x7fa91821e010(www.google.se/A)): destroyfetch
28-Feb-2019 11:20:40.460 fctx 0x7fa91821e010(www.google.se/A'): shutdown
28-Feb-2019 11:20:40.460 fctx 0x7fa91821e010(www.google.se/A'): doshutdown
28-Feb-2019 11:20:40.460 fctx 0x7fa91821e010(www.google.se/A'): stopeverything
28-Feb-2019 11:20:40.460 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.460 fctx 0x7fa91821e010(www.google.se/A'): unlink
28-Feb-2019 11:20:40.460 fctx 0x7fa91821e010(www.google.se/A'): destroy
28-Feb-2019 11:20:40.462 client 10.7.64.100#29322: UDP request
28-Feb-2019 11:20:40.462 client 10.7.64.100#29322: view clients: using view 'clients'
28-Feb-2019 11:20:40.462 client 10.7.64.100#29322: view clients: request is not signed
28-Feb-2019 11:20:40.462 client 10.7.64.100#29322: view clients: recursion available
28-Feb-2019 11:20:40.462 client 10.7.64.100#29322: view clients: query
28-Feb-2019 11:20:40.462 client 10.7.64.100#29322: view clients: query (cache) 'www.google.se/A/IN' approved
28-Feb-2019 11:20:40.462 client 10.7.64.100#29322: view clients: replace
28-Feb-2019 11:20:40.462 clientmgr @0x7fa91f240760: createclients
28-Feb-2019 11:20:40.462 clientmgr @0x7fa91f240760: recycle
28-Feb-2019 11:20:40.462 createfetch: www.google.se A
28-Feb-2019 11:20:40.462 fctx 0x7fa91821e010(www.google.se/A'): create
28-Feb-2019 11:20:40.462 client @0x7fa9207667c0: udprecv
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): join
28-Feb-2019 11:20:40.463 fetch 0x7fa918714000 (fctx 0x7fa91821e010(www.google.se/A)): created
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): start
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): try
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): getaddresses
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): query
28-Feb-2019 11:20:40.463 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): send
28-Feb-2019 11:20:40.463 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): sent
28-Feb-2019 11:20:40.463 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): udpconnected
28-Feb-2019 11:20:40.463 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): senddone
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): add_bad
28-Feb-2019 11:20:40.463 error (host unreachable) resolving 'www.google.se/A/IN': 8.8.8.8#53
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): cancelquery
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): try
28-Feb-2019 11:20:40.463 fctx 0x7fa91821e010(www.google.se/A'): query
28-Feb-2019 11:20:40.463 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): send
28-Feb-2019 11:20:40.464 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): sent
28-Feb-2019 11:20:40.464 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): udpconnected
28-Feb-2019 11:20:40.464 resquery 0x7fa918224010 (fctx 0x7fa91821e010(www.google.se/A)): senddone
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): add_bad
28-Feb-2019 11:20:40.464 error (host unreachable) resolving 'www.google.se/A/IN': 8.8.4.4#53
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): cancelquery
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): try
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): getaddresses
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): no addresses
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): done
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): stopeverything
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): sendevents
28-Feb-2019 11:20:40.464 client 10.7.64.100#29322: view clients: query failed (SERVFAIL) for www.google.se/IN/A at query.c:7002
28-Feb-2019 11:20:40.464 client 10.7.64.100#29322: view clients: error
28-Feb-2019 11:20:40.464 client 10.7.64.100#29322: view clients: send
28-Feb-2019 11:20:40.464 client 10.7.64.100#29322: view clients: sendto
28-Feb-2019 11:20:40.464 client 10.7.64.100#29322: view clients: senddone
28-Feb-2019 11:20:40.464 client 10.7.64.100#29322: view clients: next
28-Feb-2019 11:20:40.464 client 10.7.64.100#29322: view clients: endrequest
28-Feb-2019 11:20:40.464 fetch completed at resolver.c:3098 for www.google.se/A in 0.001510: failure/success [domain:.,referral:0,restart:2,qrysent:2,timeout:0,lame:0,neterr:2,badresp:0,adberr:0,findfail:0,valfail:0]
28-Feb-2019 11:20:40.464 fetch 0x7fa918714000 (fctx 0x7fa91821e010(www.google.se/A)): destroyfetch
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): shutdown
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): doshutdown
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): stopeverything
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): cancelqueries
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): unlink
28-Feb-2019 11:20:40.464 fctx 0x7fa91821e010(www.google.se/A'): destroy
28-Feb-2019 11:20:41.124 client 127.0.0.1#45092: UDP request
28-Feb-2019 11:20:41.124 client 127.0.0.1#45092: no matching view in class 'IN'
28-Feb-2019 11:20:41.124 client 127.0.0.1#45092: no matching view in class

Answer 1

Ах, это была проблема тестирования. Я тестировал "отброшенные" днс с правилом iptable «-p udp --dport 53 -j DROP» на том же сервере, на котором работал bind9. Кажется, это как-то мешало тестам. Когда я на самом деле сделал что-то в пути к сообщениям в Интернете, я получил должное ожидание :) Хотя я действительно не понимаю, что здесь происходит, моя проблема решена, поэтому отметьте это как ответ.