SERVFAIL is an expected error return, don't try all servers.

51967f98 · Simon Kelley · b37f8b99 · 51967f98
Commit 51967f98 authored Mar 25, 2014 by Simon Kelley
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 4 deletions

src/forward.c src/forward.c +3 -4

No files found.
--- a/src/forward.c
+++ b/src/forward.c
@@ -751,7 +751,7 @@ void reply_query(int fd, int family, time_t now)
  if ((forward->sentto->flags & SERV_TYPE) == 0)
    {
-      if (RCODE(header) == SERVFAIL || RCODE(header) == REFUSED)
+      if (RCODE(header) == REFUSED)
 	server = NULL;
      else
 	{
@@ -774,8 +774,7 @@ void reply_query(int fd, int family, time_t now)
     we get a good reply from another server. Kill it when we've
     had replies from all to avoid filling the forwarding table when
     everything is broken */
-  if (forward->forwardall == 0 || --forward->forwardall == 1 || 
+  if (forward->forwardall == 0 || --forward->forwardall == 1 || RCODE(header) != SERVFAIL)
-      (RCODE(header) != REFUSED && RCODE(header) != SERVFAIL))
    {
      int check_rebind = 0, no_cache_dnssec = 0, cache_secure = 0;
@@ -788,7 +787,7 @@ void reply_query(int fd, int family, time_t now)
 	no_cache_dnssec = 1;
 #ifdef HAVE_DNSSEC
-      if (option_bool(OPT_DNSSEC_VALID) && !(forward->flags & FREC_CHECKING_DISABLED))
+      if (server && option_bool(OPT_DNSSEC_VALID) && !(forward->flags & FREC_CHECKING_DISABLED))
 	{
 	  int status;