Feature request: configurable TCP timeouts on zone refresh queries

There is nothing that can be configured to reduce the timeout when failing to reach an authoritative server with a refresh query over TCP (BIND default is "try-tcp-refresh yes;")

Customer input is :

Basically, if my secondary is trying to reach out to a third-party master and doesn't get a response in 10-15 seconds, I want it to move on to the next listed master in hopes of better results versus waiting for 2 minutes

A 'sort of' workaround for this is to allow the UDP timeout to happen ("try-tcp-refresh no;") but that takes away the possibility of being able to reach servers and to pull a zone transfer in the situation where UDP doesn't work, but TCP does.

We have configurable TCP timeouts for other BIND functions, but not for this.

See Support ticket #21044

Edited Aug 06, 2024 by Ondřej Surý

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information