unbound: please allow control of infra-keep-probing

Started by feld, March 07, 2023, 06:37:57 PM

Hello,

Here's a scenario that happens with Unbound:

1. Your internet service goes down
2. Unbound tries to make queries
3. Unbound cannot query
4. Unbound puts the nameservers it tried to query on a blacklist for 900 seconds
5. Your internet service comes back up
6. Unbound still cannot service those queries as the nameservers are still on a blacklist


Being able to set infra-host-ttl to a lower value will limit the time a nameserver can be on this blacklist, and setting infra-keep-probing: yes will inform Unbound to test servers on the blacklist for reachability one at a time, but it takes 120 seconds for it to time out and move on to the next one.

There is no option to disable this behavior in Unbound. The only fix is to manually restart Unbound or run "unbound-control flush_infra all".

https://unbound-users.unbound.narkive.com/DjcIaXIy/unbound-stops-answering-after-adsl-line-bounce
https://github.com/NLnetLabs/unbound/blob/release-1.13.0/doc/Changelog#L90-L98



edit: it looks like **TTL for Host Cache entries** is infra-host-ttl. I wish the names of these items in the UI actually matched the config file options. So we just need control over infra-keep-probing. Changed post subject accordingly.
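
The manual workaround from the post above, automated as an added example (not code from this thread, Unbound or OPNsense): a watchdog that runs `unbound-control flush_infra all` once each time the uplink goes from down to up. `PROBE_ADDR` (a documentation-range placeholder), `INTERVAL`, `FLUSH_CMD` and the function names are assumptions.

```shell
#!/bin/sh
# Added example: flush Unbound's infra cache when the uplink recovers, so
# upstream servers do not stay blacklisted for the rest of infra-host-ttl.
# Assumptions: PROBE_ADDR is a placeholder (TEST-NET-1); point it at an
# address beyond your gateway. INTERVAL is an arbitrary polling period.
PROBE_ADDR="${PROBE_ADDR:-192.0.2.1}"
INTERVAL="${INTERVAL:-10}"
FLUSH_CMD="${FLUSH_CMD:-unbound-control flush_infra all}"

# Print "up" or "down" for the uplink, based on a single ICMP echo.
probe() {
    if ping -c 1 "$PROBE_ADDR" >/dev/null 2>&1; then echo up; else echo down; fi
}

# Decide what a PREV -> CUR state change requires. Only a recovery
# (down -> up) needs a flush; flushing while still down achieves nothing,
# because the next failed queries blacklist the servers again.
next_action() {
    if [ "$1" = down ] && [ "$2" = up ]; then echo flush; else echo none; fi
}

# Dry run: feed a list of observed states through next_action, run
# FLUSH_CMD on each recovery and print how many flushes succeeded.
replay() {
    prev=up; flushes=0
    for cur in "$@"; do
        if [ "$(next_action "$prev" "$cur")" = flush ]; then
            if $FLUSH_CMD >/dev/null 2>&1; then flushes=$((flushes + 1)); fi
        fi
        prev=$cur
    done
    echo "$flushes"
}

# Poll forever; start in "up" so a healthy boot does not trigger a flush.
watch_uplink() {
    prev=up
    while :; do
        cur=$(probe)
        if [ "$(next_action "$prev" "$cur")" = flush ]; then
            if $FLUSH_CMD; then echo "uplink restored, infra cache flushed"
            else echo "uplink restored, but flush failed" >&2; fi
        fi
        prev=$cur
        sleep "$INTERVAL"
    done
}

# Start the loop only when invoked with the argument "run".
if [ "${1:-}" = run ]; then watch_uplink; fi
```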

Hello,

Sure, I'll add it.

Since the list of options is growing, it might make sense to categorize certain options at some point, in the same manner as unbound.conf is prefixing toggles (e.g. mark these options as Infrastructure). Other than that, the options clearly state their purpose and are descriptive enough.