Maintained by: NLnet Labs

[Unbound-users] unbound performance tuning

Beastie
Sun Oct 19 14:18:55 CEST 2008


Hi.

I'm using unbound for a couple of months as a default recursor in one
middle level installation and I like it so far :)
Now I have a paln to replace BIND with unbound in one big ISP network
(average recursion load is 50K requests/sec).
I have a question about how to tune unbound to allow him handle that
volumes. That parameters should I adjust to get maximum performance?
We have two CPU socket quard core Xeon server with 12GB of RAM running
FreeBSD 7 STABLE. Unbound will be compilled without libevent and
without threading, and we will start 8 unbound processes (num-threads:
8) using 1024MB cache size for each.

I have a couple of ideas about that should be tuned, but I would like
to ask - am I right, or I'm missing somthing? This post is request for
comments.

AFAIK unbound handle incoming requests this way:

................................................................|.rrset-cache-size:.|.......................................................
(Client).==>.|.num-queries-per-thread:.|.==>.|.msg-cache-size:.|.==>.|.outgoing-range:.|.==>.(Resolving)

So, I should pay attention for that potential bottlenecks:
1) num-queries-per-thread: - "The number of queries that every thread
will service simultaneously". If one process will have more than this
nuber of simultaneousl requests then it will drop exceeded requests?

2) msg-cache-size: - After queue has arrived into unbound it will be
saved in msg-cache and will wait there until resolving process will be
free to handle it? If msg-cache has no free space then new arrived
queues will be dropped?

3) outgoing-range: - the nuber of random ports that resolving process
can simultaneously use for sending requests out of unbound. If this
nuber is low, then msg-cache will grow in size and that can produce
queue dropping?

So, if that is right, I should set num-queries-per-thread: to 10240,
msg-cache-size: to 512MB and outgoing-range: to somthing close to 1024
(1024 - the limit of unbound's builtinmini-event event handler because
I don't use libevent). I will tune FreeBSD sysctl limits for this
(default FreeBSD 7 ulimit -n is 12328 and ulimit -d is 512M).


I assume this unbound.conf will be ok?

server:
        verbosity: 0
        num-threads: 8
        interface: 0.0.0.0
        port: 53
        outgoing-range: 980
        msg-cache-size: 512m
        msg-cache-slabs: 8
        num-queries-per-thread: 10240
        rrset-cache-size: 1024m
        rrset-cache-slabs: 8
        cache-max-ttl: 86400
        infra-host-ttl: 900
        infra-lame-ttl: 900
        infra-cache-slabs: 4
        infra-cache-numhosts: 10000
        infra-cache-lame-size: 10k
        do-ip4: yes
        do-ip6: no
        do-udp: yes
        do-tcp: yes
        do-daemonize: yes

        access-control: 0.0.0.0/0 allow
        access-control: ::0/0 allow

        chroot: "/usr/local/etc/unbound"
        username: "unbound"
        directory: "/usr/local/etc/unbound"
        logfile: ""
        use-syslog: no
        pidfile: "/usr/local/etc/unbound/unbound.pid"
        root-hints: "/usr/local/etc/unbound/named.cache"

        hide-identity: yes
        hide-version: yes
        harden-glue: yes
        module-config: "iterator"


Thanks in advance for any comment.