[Unbound-users] Resolving Timeouts/Issues

Dave Ellis dave at colo4dallas.com
Wed Oct 8 13:13:55 UTC 2008 

Hello!
 
I'm looking at using unbound as a replacement for Bind9 for our
datacenters caching nameservers. Bind is overly bloated and complex for
something as simple as providing a DNS resolver for our customers. So
far unbound seems streamlined and fast, I like it. 
 
Earlier this morning, I actually implemented unbound on one of our
lesser used caching nameservers in order to try it out under some actual
load. I came across a problem and hopefully you all can give me a hand
with it. Here is a snippit of the some applicable logs.
 
[1223447403] unbound[4318:0] info: validator operate: query <fox.com. A
IN>
[1223447403] unbound[4318:0] info: resolving <fox.com. A IN>
[1223447403] unbound[4318:0] info: resolving (init part 2):  <fox.com. A
IN>
[1223447403] unbound[4318:0] info: resolving (init part 3):  <fox.com. A
IN>
[1223447403] unbound[4318:0] info: processQueryTargets: <fox.com. A IN>
[1223447403] unbound[4318:0] info: sending query: <fox.com. A IN>
[1223447403] unbound[4318:0] info: 345RDd mod1 rep <fox.com. A IN>
[1223447403] unbound[4318:0] info: 345RDd mod1 rep <fox.com. A IN>
[1223447403] unbound[4318:0] info: 345RDd mod1 rep <fox.com. A IN>
[1223447403] unbound[4318:0] info: 345RDd mod1 rep <fox.com. A IN>
[1223447403] unbound[4318:0] info: 345RDd mod1 rep <fox.com. A IN>
...insert 100's of repeats of this log entry...
[1223447441] unbound[4318:0] info: 339RDdc mod1 rep <fox.com. A IN>
[1223447441] unbound[4318:0] info: 339RDdc mod1 rep <fox.com. A IN>
[1223447441] unbound[4318:0] info: 339RDdc mod1 rep <fox.com. A IN>
[1223447441] unbound[4318:0] info: 339RDdc mod1 rep <fox.com. A IN>
[1223447441] unbound[4318:0] info: 339RDdc mod1 rep <fox.com. A IN>
[1223447441] unbound[4318:0] info: iterator operate: query <fox.com. A
IN>
[1223447441] unbound[4318:0] info: scrub for <fox.com. NS IN>
[1223447441] unbound[4318:0] info: response for <fox.com. A IN>
[1223447441] unbound[4318:0] info: reply from <fox.com.>
212.187.244.39#53
;; fox.com. IN A
fox.com. 600 IN A 69.10.20.100
[1223447441] unbound[4318:0] info: finishing processing for <fox.com. A
IN>
[1223447441] unbound[4318:0] info: validator operate: query <fox.com. A
IN>

After 4-5 queries and timeouts with nslookup/dig I eventually get the
response shown above. Any ideas? Something wrong with my config?
 
Thanks!
 
Config:
 
cache-ns6:/usr/local/etc/unbound# cat unbound.conf 
       server:
 directory: "/usr/local/etc/unbound" 
 username: unbound  
 chroot: "/usr/local/etc/unbound"
 logfile: "/usr/local/etc/unbound/unbound.log"
 pidfile: "/usr/local/etc/unbound/unbound.pid"
 interface: 0.0.0.0
 access-control: 0.0.0.0/0 allow
 root-hints: "/usr/local/etc/unbound/named.cache"
 do-ip6: no
 outgoing-num-tcp: 100
 incoming-num-tcp: 100
 msg-cache-size: 1500m
 msg-cache-slabs: 8
 statistics-interval: 30

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20081008/cee0a45c/attachment.htm>

More information about the Unbound-users mailing list