-------- Original Message -------- On Saturday, 12/20/25 at 20:40 [email protected] wrote:
OpenBSD uses sane defaults for what it provides. For logging they use syslog (and syslog can be configured to put everything unbound in a separate log file). But you can let unbound do its' own logs as you are doing, but then you are now the one setting it all up. Openbsd's default configuration is clearly not a sane configuration, because file permissions turn out to be mistaken to the point that I reload fails. I would not have started this thread otherwise On logs, you are jumping to conclusions. My real configuration is not the one I posted here for the sake of testing. On udp buffer absent on obsd, assuming it to be a good thing, it may not be the same buffer used by unbound. I did not check the source code, but the question is why they need to specify it in unbound.conf if they are just pumping packets as they come? Perhaps there is a buffer inside unbound and the purpose with then config is to make you aware of their need to align their buffer with that in the kernel. If the debug log says they need 4m, then I assume they have a good reason, supported by their experimental results. So, the most I can give, without recompiling the kernel, is 2m because this is the allowed maximum. Again, if it is true that udp buffer is absent on obsd, then why having the variable in sysctl, and why limiting to 2m? Perhaps there is a kernel buffer after all. On cpu, unbound hits mine with >2%. I observed DNS timeouts at the command line, and timeouts from SPF validation. If buffer overflow is the cause of it, I need the problem solved, not hidden.
