Up until today (yesterday on my laptop), when Deadwood-2 tried to connect to an upstream server, and the server didn't respond, Deadwood would just drop the packet on the ground, and the DNS resolver would have to send another packet.
No longer.
When the upstream DNS server doesn't respond, instead of just dropping the packet on the floor, Deadwood 2 now tries harder to give the client something they can use.
First, Deadwood tries contacting a DNS server again. Should the DNS server not reply again, then Deadwood starts trying extreme measures. Maybe there is an expired copy of the record in question in the cache; if so, we give that record to the end user. If not, then, as a last resort, we give the client a SERVER FAIL response so they know something is up.
All of this can be adjusted by dwood2rc parameters, which are documented.
It can be downloaded, as always, here.
- Sam