Re: Unbound: slow issues.

Tue, 25 Oct 2016 08:05:39 -0700 

Please, let me add I am using LibreSSL instead OpenSSL.

Thank you.


On 23/10/16 20:25, tailings--- via Unbound-users wrote:

Hello,
I am running Unbound on FreeBSD, initially 10.3 and now 11, I tried the one on the FreeBSD Base, and now the Port (unbound-1.5.10) compiled with libevent support.
The problem I am experiencing is, from time to time unbound become utterly slow or do not resolve anything, or almost anything.
I did several changes on unbound.conf file and the problem now return about one time a day when just me (one user) is using Unbound as resolver. If a second user begin to using Unbound at same time it became slow as described until it have just one user again. 

I opened a post on FreeBSD forum, what have more information:

https://forums.freebsd.org/threads/57493/
I need to add I also tried without success to disable PF firewall looking for any kind of firewall related issue. Also, this is my current unbound.conf: 


# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
server:
        port: 53
        username: unbound
        directory: /usr/local/etc/unbound
        chroot: /usr/local/etc/unbound
        pidfile: /usr/local/etc/unbound/unbound.pid
        auto-trust-anchor-file: /usr/local/etc/unbound/root.key
        root-hints: "/usr/local/etc/unbound/root.hints"

        logfile: log/unbound.log
        log-time-ascii: yes
        val-log-level: 2

        do-ip6: no
        do-tcp: yes

        interface: 127.0.0.2
        interface: 192.168.0.220

        access-control: 127.0.0.2/16 allow
        access-control: 192.168.0.0/24 allow

        private-address: 192.168.0.0/24
        private-domain: mydomain.com

        qname-minimisation: yes
        minimal-responses: no
        hide-identity: yes
        hide-version: yes
        do-not-query-localhost: no
        val-clean-additional: yes

        harden-glue: yes
        harden-dnssec-stripped: yes

        unwanted-reply-threshold: 10000

        prefetch: yes
        prefetch-key: yes

        cache-min-ttl: 3600
        cache-max-ttl: 86400

        num-threads: 4
        msg-cache-slabs: 8
        rrset-cache-slabs: 8
        infra-cache-slabs: 8
        key-cache-slabs: 8
        rrset-cache-size: 100m
        msg-cache-size: 50m
        outgoing-range: 8192
        num-queries-per-thread: 4096
        so-rcvbuf: 1m
        so-sndbuf: 1m

        unblock-lan-zones: yes
        insecure-lan-zones: yes

include: /usr/local/etc/unbound/conf.d/*.conf

#forward-zone:
#       name: .
#       forward-addr: 189.38.95.95
#       forward-addr: 189.38.95.96

remote-control:
        control-enable: yes
        control-interface: /usr/local/etc/unbound/unbound.ctl
        control-use-cert: no


Thank you!
Alex.

Reply via email to