Maintained by: NLnet Labs

[Unbound-users] Unbound Slow to Prime

Alan Gutierrez
Mon Aug 8 13:55:58 CEST 2011


On Aug 6, 2011, at 7:45 PM, Paul Wouters wrote:

> On Sat, 6 Aug 2011, Alan Gutierrez wrote:
> 
>> It used to be the case that I could flush the unbound cache and then resolve a name immediately. Now there is a long delay before I start to get results. It is especially bad on Fedora 15 running in VirtualBox on OS X Lion, but I'm also seeing it slow down on Fedora 15 at EC2. I updated root.hints, but that didn't seem to help. I can't make much sense of the debugging logging output. A couple weeks ago, flushing cache or restarting, you might notice a light delay on the first lookup, but now it takes a few minutes to get results other than timeouts.
>> 
>> server:
>> 	verbosity: 2
>> 	num-threads: 1
>> 	interface: 127.0.0.1
>> 	do-ip4: yes
>> 	do-ip6: no
>> 	do-udp: yes
>> 	do-tcp: no
> 
> Why do you have do-tcp set to no? That will cause problems on large dnssec replies that get
> truncated.
> 
>> 	use-caps-for-id: yes
> 
> You can try disabling this, some servers don't do 0x20 properly and it might be causing delays.

I tried disabling this, but it was working fine before about two weeks ago. Now I'm finding a slow start everywhere. I've created a gist, with the output of the unbound logs, with verbose at 9. It goes from startup to the successful resolution of "dig NS .". The first time I invoke dig, it times out. Then I wait a while and invoke dig again, for a successful resolution.

https://gist.github.com/1131622

There is a lot there. I'm not sure what to look for. If there is anything I can do to make it easier to get feedback from the group, let me know.

--
Alan Gutierrez - http://github.com/bigeasy - http://twitter.com/bigeasy