Re: unbound & so-sndbuf defaults

Fri, 17 Oct 2025 22:39:24 -0700 

On 2025/10/12 11:08, Landry Breuil wrote:
> hi,
> 
> found while deploying a new unbound on 7.8, at startup it warns loudly
> about the so-sndbuf default:
> 
> [1760258776] unbound[40302:0] warning: setsockopt(..., SO_SNDBUF, ...) was 
> not granted: No buffer space available
> [1760258776] unbound[40302:0] warning: so-sndbuf 4194304 was not granted. Got 
> 9216. To fix: start with root permissions(linux) or sysctl bigger 
> net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set 
> so-sndbuf: 0 (use system value).
> [1760258776] unbound[40302:0] warning: setsockopt(..., SO_SNDBUF, ...) was 
> not granted: No buffer space available
> [1760258776] unbound[40302:0] warning: so-sndbuf 4194304 was not granted. Got 
> 9216. To fix: start with root permissions(linux) or sysctl bigger 
> net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set 
> so-sndbuf: 0 (use system value).

hmm, that's printed a lot of times! I suppose you've configured it
to run many instances (num-threads).

Not noticed here because I don't normally use rcctl -d to start daemons,
and it doesn't show in syslog.

> should we set so-sndbuf to 0 in the default shipped config, change the
> default in the code, silence the warnings ?

perhaps this.

Index: util/config_file.c
===================================================================
RCS file: /cvs/src/usr.sbin/unbound/util/config_file.c,v
diff -u -p -r1.39 config_file.c
--- util/config_file.c  26 Sep 2025 07:32:37 -0000      1.39
+++ util/config_file.c  12 Oct 2025 09:49:19 -0000
@@ -210,7 +210,7 @@ config_create(void)
        cfg->if_automatic = 0;
        cfg->if_automatic_ports = NULL;
        cfg->so_rcvbuf = 0;
-       cfg->so_sndbuf = 4*1024*1024;
+       cfg->so_sndbuf = 1*1024*1024;
        cfg->so_reuseport = REUSEPORT_DEFAULT;
        cfg->ip_transparent = 0;
        cfg->ip_freebind = 0;

does anyone want a different value? we allow up to 2MB these days.
upstream went from "system default" to 1MB (with explanation) and then
4MB (25 mins later, no explanation)

- 
https://github.com/NLnetLabs/unbound/commit/03772d10fb6840c517f1fff63180797eef8290ef
Change default for so-sndbuf to 1m, to mitigate a cross-layer issue
where the UDP socket send buffers are exhausted waiting for ARP/NDP
resolution.

- 
https://github.com/NLnetLabs/unbound/commit/1ef7b4a24619f63d551a632673d52dd894e3b85a
Adjusted so-sndbuf default to 4m.

I typically set net.inet.udp.sendspace above the default on dedicated
unbound boxes. The default (9216) is really rather low and imho it
does make sense for unbound to raise it, though 4m seems too high
for general purpose use.

(My busier instances are not in the same subnet as clients so I wouldn't
usually see many effects from lladdr resolution times here. I expect
the worst case is when you have unbound on the same subnet as a
lot of wifi clients).

Reply via email to