Maintained by: NLnet Labs

Unbound swapping

Eduardo Schoedler
Fri Sep 15 01:39:32 CEST 2017


Wouter,

Something I just noticed:

root at dns:/opt# tail -f unbound.log
[1505432173] unbound[53221:4] error: internal error: looping module stopped
[1505432173] unbound[53221:4] error: internal error: looping module stopped
[1505432173] unbound[53221:4] error: internal error: looping module stopped
[1505432252] unbound[53221:2] error: internal error: looping module stopped
[1505432252] unbound[53221:2] error: internal error: looping module stopped
[1505432252] unbound[53221:2] error: internal error: looping module stopped

Maybe it's a problem?

Regards,


2017-09-14 20:21 GMT-03:00 Eduardo Schoedler <listas at esds.com.br>:
> 2017-09-14 5:08 GMT-03:00 W.C.A. Wijngaards via Unbound-users
> <unbound-users at unbound.net>:
>> Hi Eduardo,
>
> Hi Wouter!
> Thank you for the answer.
>
>> I have no real good idea.  But looking at your numbers, I see that you
>> are running a network heavy application, unbound, and it uses about 10G
>> on 12G memory.  The buff/cache is 2G.  Adds up to 12G.  And it is
>> swapping.  Sounds reasonable, it is maxed out on memory, this is where
>> swap is supposed to make space, right?
>
> Yes, our application is really heavy.
>
> Indeed about swap, but when unbound is swapping, performance degrades a lot.
> If possible, we expect to not swap at all.
>
>
>> These options change the buffer space allocated by unbound: so-rcvbuf,
>> so-sndbuf, maybe also so-reuseport, or more tcp connections (that use
>> buffer space) or more network interfaces, or simply a different kernel
>> version that uses (slightly) more memory or something along those lines.
>
> root at dns:~# cat /etc/unbound/unbound.conf | grep 'so-'
>     so-rcvbuf: 16m
>     so-sndbuf: 16m
>     so-reuseport: yes
>
> root at dns:~# cat /etc/unbound/unbound.conf | grep 'tcp'
>     do-tcp: yes
>     incoming-num-tcp: 1024
>     outgoing-num-tcp: 1024
>
> root at dns:~# uname -a
> Linux dns 4.9.26-040926-generic #201705031231 SMP Wed May 3 16:34:12
> UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
>
>
>
>> What is the limit on the subnet cache size?  What does the memory max
>> out on when the subnetmodule is not enabled?
>
> It's a public DNS resolver project in Brasil (like Google DNS), so...
> That's why we need to use subnetcache module.
>
> # cat /etc/unbound/unbound.conf | grep 'subnet'
>     module-config: "subnetcache validator iterator"
>     send-client-subnet: 0.0.0.0/0
>     send-client-subnet: 2000::/3
>     client-subnet-always-forward: no
>     max-client-subnet-ipv6: 48
>     max-client-subnet-ipv4: 24
>
> In subnetcache module manual says:
>
> "The maximum size of the ECS cache is controlled by 'msg-cache-size'  in
>        the configuration file. On top of that, for each query only 100 differ-
>        ent subnets are allowed to be stored for each address family. Exceeding
>        that number, older entries will be purged from cache."
>
> This section "100-different subnets ... and then purged", how to know
> if it's doing exactly this?
> My guessing there is a memory leak, because the large memory it uses.
>
>
> Best regards,
>
> --
> Eduardo Schoedler



-- 
Eduardo Schoedler