On 10/04/2014 05:30 μμ, Jan-Frode Myklebust wrote: > We typically have high time periods of 12-14k qps on our DNS-servers, and > it's been working fairly well on bind, but with unbound we seem to get into > trouble when the qps exceed 7k. We then see a clear drop in the request > rate, and clients move over to the secondary dns server. Try commenting out the dlv-anchor-file directive. We had a similar situation about a month ago, where at random times our unbound servers would start dropping queries. Running "unbound-control stats_noreset | grep total.requestlist" at the time showed lots of exceeded requests. We tried increasing various options (num-threads, num-queries-per-thread etc), but the problem kept coming back randomly. At some point, we started recording the output of "unbound-control dump_requestlist" every minute, and this revealed that when queries were being dropped, there was a huge delay getting answers from authoritative NSs of dlv.isc.org. Maybe RRL on their side? Maybe network trouble in the path between us that we were not aware of? We never found out, but we turned off dlv and didn't have a problem since then. Sot.