Ask more nameservers if choice is limited.

Lowered bogus-ttl to help validation-failure recovery times.



git-svn-id: file:///svn/unbound/trunk@1313 be551aaa-1e26-0410-a405-d3ace91eadb9

doc/Changelog

@@ -3,6 +3,17 @@
 	- iana portlist updated.
 	- do not query bogus nameservers.  It is like nameservers that have 
 	  the NS or A or AAAA record bogus are listed as donotquery.
+	- if server selection is faced with only bad choices, it will
+	  attempt to get more options to be fetched.
+	- changed bogus-ttl default value from 900 to 60 seconds.
+	  In anticipation that operator caused failures are more likely than
+	  actual attacks at this time.  And thus repeated validation helps
+	  the operators get the problem fixed sooner.  It makes validation
+	  failures go away sooner (60 seconds after the zone is fixed).
+	  Also it is likely to try different nameserver targets every minute,
+	  so that if a zone is bad on one server but not another, it is 
+	  likely to pick up the 'correct' one after a couple minutes,
+	  and if the TTL is big enough that solves validation for the zone.
 
 17 October 2008: Wouter
 	- port Leopard/G5: fixup type conversion size_t/uint32.

doc/example.conf.in

@@ -304,7 +304,7 @@ server:
 	
 	# The time to live for bogus data, rrsets and messages. This avoids
 	# some of the revalidation, until the time interval expires. in secs.
-	# val-bogus-ttl: 900
+	# val-bogus-ttl: 60
 	
 	# Should additional section of secure message also be kept clean of
 	# unsecure data. Useful to shield the users of this validator from

doc/unbound.conf.5.in

@@ -501,7 +501,7 @@ you are debugging signature inception and expiration.
 .B val\-bogus\-ttl: \fI<number>
 The time to live for bogus data. This is data that has failed validation;
 due to invalid signatures or other checks. The TTL from that data cannot be
-trusted, and this value is used instead. The value is in seconds, default 900.
+trusted, and this value is used instead. The value is in seconds, default 60.
 The time interval prevents repeated revalidation of bogus data.
 .TP
 .B val\-clean\-additional: \fI<yes or no>

iterator/iter_utils.c

@@ -207,6 +207,10 @@ iter_filter_order(struct iter_env* iter_env, struct module_env* env,
 		&low_rtt);
 	if(got_num == 0) 
 		return 0;
+	if(low_rtt >= USEFUL_SERVER_TOP_TIMEOUT &&
+		delegpt_count_missing_targets(dp) > 0)
+		return 0; /* we want more choice. The best choice is a bad one.
+			     return 0 to force the caller to fetch more */
 
 	got_num = 0;
 	a = dp->result_list;

util/config_file.c

@@ -99,7 +99,7 @@ config_create()
 	cfg->rrset_cache_slabs = 4;
 	cfg->host_ttl = 900;
 	cfg->lame_ttl = 900;
-	cfg->bogus_ttl = 900;
+	cfg->bogus_ttl = 60;
 	cfg->max_ttl = 3600 * 24;
 	cfg->infra_cache_slabs = 4;
 	cfg->infra_cache_numhosts = 10000;