-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Isaac, No logs via logfile: - -------------------- This is because unbound opens the logfile /var/log/unbound.log after the chroot is done to /var/unbound. Therefore it tries to access /var/unbound/var/log/unbound.log. This file does not exist? You can try to mount --bind it there for example. Or create the directory /var/unbound/var/log. Unbound has to open it like this, because it supports logfile rotation with kill -HUP. When reloaded like that, unbound re-opens the logfile, so that it can be rotated using a log rotate daemon. No logs via syslog: - ------------------- Unbound tries to open the syslog socket (/dev/log) before the chroot is performed. Which version of unbound are you using? The 1.0 version used to open it after the chroot was done, trying to open /var/unbound/dev/log (made with mount --bind or devfs on BSD). But recently this is fixed up, are you having trouble with the new version then? Also from your config file it seems you want to have lots of performance, with queries-per-thread 16K and 4 threads, but you only increase the rrset-cache, and not increase msg-cache-size: 128m. Look at http://unbound.net/documentation/howto_optimise.html for more on optimising for performance. Best regards, Wouter On 07/13/2009 01:14 PM, Isaac González wrote: > Hi, > > I'm unable to get logs via syslog or via logfile. > > Here is my unbound.conf, I'm running it chrooted in /var/unbound, the > logfile have write permissions to unbound user. > > server: > verbosity: 5 > statistics-interval: 10 > statistics-cumulative: no > extended-statistics: yes > num-threads: 4 > interface: XXXXXXXXXX > port: 53 > outgoing-interface: XXXXXXXX > outgoing-range: 16384 > num-queries-per-thread: 16384 > rrset-cache-size: 4m > rrset-cache-size: 256m > do-ip4: yes > do-udp: yes > do-tcp: yes > do-daemonize: yes > access-control: 127.0.0.0/8 allow > chroot: "/var/unbound" > username: "unbound" > directory: "/var/unbound" > logfile: "/var/log/unbound.log" > use-syslog: yes #I'VE ALSO TRIED NO > pidfile: "/var/run/unbound.pid" > root-hints: "/var/unbound/named.cache" > hide-identity: no > hide-version: yes > identity: "nameserv1" > version: "" > harden-large-queries: yes > remote-control: > control-enable: yes > server-key-file: "/var/unbound/etc/unbound_server.key" > server-cert-file: "/var/unbound/etc/unbound_server.pem" > control-key-file: "/var/unbound/etc/unbound_control.key" > control-cert-file: "/var/unbound/etc/unbound_control.pem" > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbLHcACgkQkDLqNwOhpPg4jgCeJ5JOXVdmxz5ocQS3c5Er9Sg5 lTYAnRAgaUskHF+LIdCxu3S7MhwjxU0X =/hzM -----END PGP SIGNATURE-----