Maintained by: NLnet Labs

[Unbound-users] RHEL 5 and Unbound

Hayward, Bruce
Mon Oct 25 19:25:59 CEST 2010


A little elaboration:

Outside of Unbound:

I had added the following lines to /etc/modprobe.conf:
alias net-pf-10 off
options ipv6 disable=1
I also changed /etc/sysconfig/network to read:
NETWORKING_IPV6=no

To disable ipv6 when installing RHEL 5.5 (on a Dell 2970)

In the unbound.conf file I left the 'do-ip6: yes' commented out <which yes is the default>

We also run an anycast model - which is running two virtual (static) IPs of off eth1. These IPs are the same IPs as are used in servers in several cities - so your lookups are geo based with the same IPs.

Hence I have 'interface-automatic: yes' set to yes.
And the interfaces are explicitely set (all of them - the loopback, the physical and the two virtuals) as opposed to using 0.0.0.0 - seems to be what works.

This configs ended up dropping QPS to 160 - 2000 at a high end.

Setting 'do-ip6: no' changed the QPS to between 45,000 and 60,000 pending the cache.

We will be going to IPV6 shortly, but not just now.

Bruce

Bruce Hayward, MTS Allstream Inc., (p) 204-958-1983 (e) bruce.hayward at mtsallstream.com 


-----Original Message-----
From: unbound-users-bounces at NLnetLabs.nl [mailto:unbound-users-bounces at NLnetLabs.nl] On Behalf Of Hayward, Bruce
Sent: October 25, 2010 11:01 AM
To: Paul Wouters; W.C.A. Wijngaards
Cc: unbound-users at unbound.net
Subject: Re: [Unbound-users] RHEL 5 and Unbound

I'll send off some verbosity = 4, and some configs later - just caught
up with testing

Bruce

Bruce Hayward, MTS Allstream Inc., (p) 204-958-1983 (e)
bruce.hayward at mtsallstream.com 


-----Original Message-----
From: unbound-users-bounces at NLnetLabs.nl
[mailto:unbound-users-bounces at NLnetLabs.nl] On Behalf Of Paul Wouters
Sent: October 25, 2010 10:51 AM
To: W.C.A. Wijngaards
Cc: unbound-users at unbound.net
Subject: Re: [Unbound-users] RHEL 5 and Unbound

On Mon, 25 Oct 2010, W.C.A. Wijngaards wrote:

> Offlist, Bruce found a solution, it was do turn off do-ip6 in the
> unbound.conf.  Ip6 was turned off in RHEL as well.  For some reason
the
> ipv6 sockets took an inordinate amount of effort.

Are you going to investigate this further?

> (I would like people to run with ipv6 enabled of course, but this
seems
> interesting when you deploy on kernels with ipv6 disabled).

Can we pass an option to unbound to override the config setting? And
perhaps
only pass it when we find NETWORKING_IPV6=yes in /etc/sysconfig/network
via
the init script?

Worst case, we could check for the option and warn on bootup. But
ideally it
should run fast either way.

Paul
_______________________________________________
Unbound-users mailing list
Unbound-users at unbound.net
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users

 
 
Is it really necessary to print this email?
 
MTS ALLSTREAM INC. CONFIDENTIALITY WARNING: This email message is confidential and intended only for the named recipient(s).  If you are not the intended recipient, or an agent responsible for delivering it to the intended recipient, or if this message has been sent to you in error, you are hereby notified that any review, use, dissemination, distribution or copying of this message or its contents is strictly prohibited.   If you have received this message in error, please notify the sender immediately and delete the original message.  If there is an agreement attached with this message, such agreement will not be binding until it is signed by all parties named therein.

_______________________________________________
Unbound-users mailing list
Unbound-users at unbound.net
http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users