Maintained by: NLnet Labs

unbound generating too many log messages

Taylor R Campbell
Tue Jan 19 16:20:23 CET 2016


   Date: Tue, 19 Jan 2016 13:05:09 +0100
   From: Dag-Erling Smørgrav via Unbound-users <unbound-users at unbound.net>

   Philippe Meunier via Unbound-users <unbound-users at unbound.net> writes:
   > After booting, unbound and ntpd both start without problem.  Then ntpd
   > automatically starts trying to contact NTP servers from pool.ntp.org,
   > which triggers DNS queries.  In turn unbound tries to contact root DNS
   > servers and fails since no network interface is configured yet.

   That shouldn't happen.  OpenBSD's /etc/rc doesn't start unbound and ntpd
   until after /etc/netstart, which configures your network interfaces.
   The order is roughly pf (stub ruleset) - netstart - pf (real ruleset) -
   early daemons (including unbound and ntpd) - ipsec - rpc, nis and nfs -
   everything else.

That's irrelevant to the issue Philippe raised.  The network is not
always available, no matter how well you configure your system or
engineer your software.  The problem here is that when the network is
down, Unbound spews junk to its log as fast as it can.

For years I've seen exactly the same issue as Philippe reported, and I
asked about it on unbound-users a long time ago with no response:

https://www.unbound.net/pipermail/unbound-users/2011-March/001720.html

I have more or less worked around it by using daemontools multilog
instead of syslog in order to reliably limit the size and throughput
of the log files and to prevent them from interfering with other logs.
But that's a workaround, not a fix.
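
The multilog workaround mentioned above, sketched as an added example that is not part of the original message or of Unbound's own files: a shell function that writes a daemontools service directory whose log/run hands Unbound's output to multilog with a fixed file size and file count. The function name, service path, config path, log account and limits are all hypothetical choices.

```shell
#!/bin/sh
# Added example: build a daemontools service directory that sends Unbound's
# log to multilog instead of syslog. Paths, account names and limits are
# assumptions, not values from the thread.

# make_unbound_service DIR CONF LOGUSER MAXBYTES NFILES
make_unbound_service() {
    svc=$1 conf=$2 loguser=$3 maxbytes=$4 nfiles=$5

    # multilog accepts file sizes of 4096..16777215 bytes and needs >= 2 files.
    [ "$maxbytes" -ge 4096 ] && [ "$maxbytes" -le 16777215 ] || return 1
    [ "$nfiles" -ge 2 ] || return 1

    mkdir -p "$svc/log/main" || return 1

    # Service: given twice, -d keeps unbound in the foreground and keeps its
    # log on stderr (see unbound(8)); 2>&1 routes that into the pipe that
    # supervise connects to log/run.
    cat > "$svc/run" <<EOF
#!/bin/sh
exec 2>&1
exec unbound -dd -c "$conf"
EOF

    # Logger: 't' prepends a TAI64N timestamp, 's' caps the size of each
    # file and 'n' caps how many files are kept, so a flood of messages
    # rotates out old files instead of filling the disk or other logs.
    cat > "$svc/log/run" <<EOF
#!/bin/sh
exec setuidgid $loguser multilog t s$maxbytes n$nfiles ./main
EOF

    chmod 755 "$svc/run" "$svc/log/run"
}

# Usage (hypothetical values):
#   make_unbound_service /service/unbound /etc/unbound/unbound.conf unboundlog 1048576 10
```

The log account only needs write access to log/main, which keeps a runaway log stream contained to that directory.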