Hello,
I'm also experiencing the "Host is down" problem:
unbound: [85343:0] error: recvfrom 361 failed: Host is down
Running openbsd 6.6 (GENERIC.MP), current syspatch,
native unbound as a full resolver, pf disabled.
OpenBSD is a guest VM on a debian buster host using virtual e1000
network card ("Intel 82540EM" driver in openbsd). No firewall
in between. The VM is a tor-exit node.
$ netstat -s -p udp
udp:
9379065 datagrams received
0 with incomplete header
0 with bad data length field
16 with bad checksum
32675 with no checksum
9346390 input packets software-checksummed
6059478 output packets software-checksummed
201392 dropped due to no socket
0 broadcast/multicast datagrams dropped due to no socket
0 dropped due to missing IPsec protection
0 dropped due to full socket buffers
9177657 delivered
18686884 datagrams output
9378087 missed PCB cache
/etc/sysctl.conf
kern.maxfiles=30000
net.inet.udp.sendspace=262144
net.inet.udp.recvspace=262144
kern.somaxconn=2500
kern.maxproc=3000
kern.bufcachepercent=50
net.inet.tcp.rfc3390=1
/etc/login.conf
unbound:\
:openfiles=13500:\
:tc=daemon:
/var/unbound/etc/unbound.conf
num-threads: 2
msg-cache-slabs: 4
rrset-cache-slabs: 4
infra-cache-slabs: 4
key-cache-slabs: 4
rrset-cache-size: 100m
msg-cache-size: 50m
outgoing-range: 450
outgoing-num-tcp: 25
incoming-num-tcp: 25
msg-buffer-size: 65552
Each unbound thread is doing around 1.2 million queries a day.
I'd also be interested in knowing if increasing udp.sendspace and
udp.recvspace has negative implications or what else might be done.
Thank you!
w.
