Thanks Stuart,
A year or two ago I set the following sysctl which did help,
fdns1# cat /etc/sysctl.conf
net.inet.udp.recvspace=262144
net.inet.udp.sendspace=262144
Thanks for the tip re diagnosing the UDP buffers output of the command you
suggested looks good from a buffer perspective...
The server has been running a few hours
fdns1# netstat -s -p udp
udp:
32820423 datagrams received
0 with incomplete header
0 with bad data length field
7 with bad checksum
133788 with no checksum
32686635 input packets software-checksummed
0 output packets software-checksummed
40699 dropped due to no socket
13873 broadcast/multicast datagrams dropped due to no socket
0 dropped due to missing IPsec protection
0 dropped due to full socket buffers
32765844 delivered
32913599 datagrams output
24008710 missed PCB cache
Thanks again, Really appreciate your
Tom Smyth
On Wed, 22 Dec 2021 at 11:26, Stuart Henderson <[email protected]>
wrote:
> On 2021-12-22, Dirk Coetzee <[email protected]> wrote:
> > Hi Tom,
> >
> > I would recommend debugging using "unbound-control stats_noreset" and
> referencing the unbound configuration documentation at
> https://www.nlnetlabs.nl/documentation/unbound/unbound.conf/
>
> Also check for "dropped due to full socket buffers" in netstat -s -p udp,
> some have reported needing to raise net.inet.udp.*space sysctls.
>
> You might also consider front-ending with dnsdist. As well as answering hot
> requests very quickly, that could also simplify things for maintenance.
>
> > On Tue, 21 Dec 2021 at 21:15, Tom Smyth <[email protected]>
> > wrote:
> >
> >> Recommendations on Buffer Space for Busy Unbound Resolver Service for
> >> a network serving a 3000, customers
>
>
> --
> Please keep replies on the mailing list.
>
>
--
Kindest regards,
Tom Smyth.
