On 2025/10/12 23:19, Alexander Bluhm wrote: > On Sun, Oct 12, 2025 at 11:19:43AM +0100, Stuart Henderson wrote: > > > should we set so-sndbuf to 0 in the default shipped config, change the > > > default in the code, silence the warnings ? > > Our UDP stack has no UDP socket buffer for sending. Each packet > is directly passed to ip_output(). So basically this value is a > per packet size limit.
Ah, I didn't realise that. Thanks. > > perhaps this. > > > > Index: util/config_file.c > > =================================================================== > > RCS file: /cvs/src/usr.sbin/unbound/util/config_file.c,v > > diff -u -p -r1.39 config_file.c > > --- util/config_file.c 26 Sep 2025 07:32:37 -0000 1.39 > > +++ util/config_file.c 12 Oct 2025 09:49:19 -0000 > > @@ -210,7 +210,7 @@ config_create(void) > > cfg->if_automatic = 0; > > cfg->if_automatic_ports = NULL; > > cfg->so_rcvbuf = 0; > > - cfg->so_sndbuf = 4*1024*1024; > > + cfg->so_sndbuf = 1*1024*1024; > > cfg->so_reuseport = REUSEPORT_DEFAULT; > > cfg->ip_transparent = 0; > > cfg->ip_freebind = 0; > > This would work. As any other value between 64 KB and 2 MB. > > > does anyone want a different value? we allow up to 2MB these days. > > upstream went from "system default" to 1MB (with explanation) and then > > 4MB (25 mins later, no explanation) > > > > - > > https://github.com/NLnetLabs/unbound/commit/03772d10fb6840c517f1fff63180797eef8290ef > > Change default for so-sndbuf to 1m, to mitigate a cross-layer issue > > where the UDP socket send buffers are exhausted waiting for ARP/NDP > > resolution. > > The ARP/NDP queue has its own limit that is independent of the > UDP protocol. > > #define LA_HOLD_QUEUE 10 > #define LA_HOLD_TOTAL 100 > #define LN_HOLD_QUEUE 10 > #define LN_HOLD_TOTAL 100 > > > I typically set net.inet.udp.sendspace above the default on dedicated > > unbound boxes. The default (9216) is really rather low and imho it > > does make sense for unbound to raise it, though 4m seems too high > > for general purpose use. > > Just setting it to 1 MB like in your diff fixes the warning and > does not confuse people. > > OK bluhm@ >
