Re: unbound(8) generating too many log messages

[Philippe Meunier]

Raf Czlonka wrote:
>How about simply disabling unbound at boot: [...]
>and then have something like this in your /etc/hostname.if:

Yes, I ended up disabling ntpd and un-enabling unbound in
/etc/rc.conf.local and then using:

/etc/rc.d/unbound -f start && /etc/rc.d/ntpd -f start

at the end of the script that I use to configure network interfaces.

Thanks.

Philippe

Re: unbound(8) generating too many log messages

[Mike]

On 1/14/2016 2:26 AM, Philippe Meunier wrote:
>[snip]
> The problem is that unbound(8) generates such a pair of messages up to
> 20 times for each root server!  That's 2 lines * 20 times * 13 root
> servers = 520 lines that end up going to syslog.  Then 15 seconds
> later ntpd(8) tries again and you get another 520 lines, and so on.
> This continues until a network interface is configured.  The result is
> that I've accumulated over 16000 lines of log messages like the ones
> above over just the past three days...
>[snip]

That's a big improvement over the way unbound used to be.

I have experienced unbound generating 20,000 log records PER SECOND.
http://marc.info/?l=unbound-users=137166462329717=2

What you're seeing is the fixed version which, imo, is still excessive
logging.

Re: unbound(8) generating too many log messages

[Raf Czlonka]

On Thu, Jan 14, 2016 at 07:26:32AM GMT, Philippe Meunier wrote:
> Hello,
> 
> I have a laptop computer configured to use unbound(8) and ntpd(8) but
> which does not have any network interface configured by default
> (except lo0, obviously) since which interface needs to be configured
> and how depends on where I'm using the computer.
> 
> After booting, unbound(8) and ntpd(8) both start without problem.
> Then ntpd(8) automatically starts trying to contact NTP servers from
> pool.ntp.org, which triggers DNS queries.  In turn unbound(8) tries to
> contact root DNS servers and fails since no network interface is
> configured.  Unbound(8) then logs messages to syslog:
> 
> Jan 14 10:07:58 mycomputer unbound: [2824:0] notice: sendto failed: Can't 
> assign requested address
> Jan 14 10:07:58 mycomputer unbound: [2824:0] notice: remote address is 
> 192.5.5.241 port 53
> 
> The problem is that unbound(8) generates such a pair of messages up to
> 20 times for each root server!  That's 2 lines * 20 times * 13 root
> servers = 520 lines that end up going to syslog.  Then 15 seconds
> later ntpd(8) tries again and you get another 520 lines, and so on.
> This continues until a network interface is configured.  The result is
> that I've accumulated over 16000 lines of log messages like the ones
> above over just the past three days...
> 
> So is there a way to make unbound(8) more quiet (short of sending the
> log messages to /dev/null)?

Hi Philippe,

How about simply disabling unbound at boot:

# rcctl disable unbound

and then have something like this in your /etc/hostname.if:

rcctl -f start unbound

> For info, this is the unbound(8) version 1.5.4 from OpenBSD
> 5.8-release.
> 
> Thank you,
> 
> Philippe

Regards,

Raf

Re: unbound(8) generating too many log messages

[Stuart Henderson]

Setting 'verbosity: 0' in config will do it, but I don't think it
should be necessary. At the very least putting the 'remote address'
on the same line as the sendto notice would give syslog something of
a chance to reduce the number of lines.

Could you ask for suggestions on unbound-users please?


On 2016-01-14, Philippe Meunier  wrote:
> Hello,
>
> I have a laptop computer configured to use unbound(8) and ntpd(8) but
> which does not have any network interface configured by default
> (except lo0, obviously) since which interface needs to be configured
> and how depends on where I'm using the computer.
>
> After booting, unbound(8) and ntpd(8) both start without problem.
> Then ntpd(8) automatically starts trying to contact NTP servers from
> pool.ntp.org, which triggers DNS queries.  In turn unbound(8) tries to
> contact root DNS servers and fails since no network interface is
> configured.  Unbound(8) then logs messages to syslog:
>
> Jan 14 10:07:58 mycomputer unbound: [2824:0] notice: sendto failed: Can't 
> assign requested address
> Jan 14 10:07:58 mycomputer unbound: [2824:0] notice: remote address is 
> 192.5.5.241 port 53
>
> The problem is that unbound(8) generates such a pair of messages up to
> 20 times for each root server!  That's 2 lines * 20 times * 13 root
> servers = 520 lines that end up going to syslog.  Then 15 seconds
> later ntpd(8) tries again and you get another 520 lines, and so on.
> This continues until a network interface is configured.  The result is
> that I've accumulated over 16000 lines of log messages like the ones
> above over just the past three days...
>
> So is there a way to make unbound(8) more quiet (short of sending the
> log messages to /dev/null)?
>
> For info, this is the unbound(8) version 1.5.4 from OpenBSD
> 5.8-release.
>
> Thank you,
>
> Philippe

unbound(8) generating too many log messages

[Philippe Meunier]

Hello,

I have a laptop computer configured to use unbound(8) and ntpd(8) but
which does not have any network interface configured by default
(except lo0, obviously) since which interface needs to be configured
and how depends on where I'm using the computer.

After booting, unbound(8) and ntpd(8) both start without problem.
Then ntpd(8) automatically starts trying to contact NTP servers from
pool.ntp.org, which triggers DNS queries.  In turn unbound(8) tries to
contact root DNS servers and fails since no network interface is
configured.  Unbound(8) then logs messages to syslog:

Jan 14 10:07:58 mycomputer unbound: [2824:0] notice: sendto failed: Can't 
assign requested address
Jan 14 10:07:58 mycomputer unbound: [2824:0] notice: remote address is 
192.5.5.241 port 53

The problem is that unbound(8) generates such a pair of messages up to
20 times for each root server!  That's 2 lines * 20 times * 13 root
servers = 520 lines that end up going to syslog.  Then 15 seconds
later ntpd(8) tries again and you get another 520 lines, and so on.
This continues until a network interface is configured.  The result is
that I've accumulated over 16000 lines of log messages like the ones
above over just the past three days...

So is there a way to make unbound(8) more quiet (short of sending the
log messages to /dev/null)?

For info, this is the unbound(8) version 1.5.4 from OpenBSD
5.8-release.

Thank you,

Philippe