Maintained by: NLnet Labs

[Unbound-users] Resolving Timeouts/Issues

W.C.A. Wijngaards
Wed Oct 8 16:57:19 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Dave,

Aha, you need to configure for more performance then.  I assume you have
a multiprocessor machine (since you set your slabs to 8).  Because of
port randomization it needs loads of file descriptors.

recompile unbound but before recompiling do
	./configure --without-pthreads --without-solaris-threads
then recompile, reinstall.  This enabled a special forking.

config changes, add the line:
	num-threads: 8   # if you have 8 cores on the machine.

It is also possible to reconfigure using --with-libevent with almost the
same config.  Depending on OS and libevent version, that may be faster
or buggy.

Also, you should increase the rrset cache. you need about 2x the amount
of rrset cache as msg cache.
	rrset-cache-size: 1024m
	msg-cache-size: 512m
Right now it is running with 4m cache...

Best regards,
   Wouter

Dave Ellis wrote:
> Wouter,
> 
> Thanks for the info, I made the changes to my config and I'm still
> experiencing the same issue. Here is what I've got in my config now.
> 
> ---
> cache-ns2:/usr/local/etc/unbound# cat unbound.conf 
>        # unbound.conf(5) config file for unbound(8).
>        server:
> 	directory: "/usr/local/etc/unbound" 
> 	username: unbound   # make sure it can write to pidfile.
> 	chroot: "/usr/local/etc/unbound"
> 	logfile: "/usr/local/etc/unbound/unbound.log"  #uncomment to use
> logfile.
> 	pidfile: "/usr/local/etc/unbound/unbound.pid"
> 	interface: 0.0.0.0
> 	access-control: 0.0.0.0/0 allow
> 	root-hints: "/usr/local/etc/unbound/named.cache"
> 	do-ip6: no
> 	outgoing-num-tcp: 30
> 	incoming-num-tcp: 30
> 	outgoing-range: 900
> 	msg-cache-size: 1500m
> 	msg-cache-slabs: 8
> 	statistics-interval: 30 
> ---
> 
> Our caching bind servers regularlly run around 8-10 million queries an
> hour, this server in particular gets anywhere from 2-4 million queries
> an hour. Just letting you know what kind of volume we're dealing with.
> Can Unbound handle that much traffic?
> 
> Thanks again for your help.
> 
> -Dave
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjsyk4ACgkQkDLqNwOhpPg4XgCeLmhazI3H8TiJoc3yhLZ8/HWf
Pi8AmgNZRdzHA5x5HRthoLDu8d5J+oFs
=8yLj
-----END PGP SIGNATURE-----