[Unbound-users] Lots of logging

W.C.A. Wijngaards wouter at nlnetlabs.nl
Tue Jun 25 07:16:11 UTC 2013

Hash: SHA1

Hi Mike,

On 06/19/2013 07:49 PM, Mike. wrote:
> On 6/19/2013 at 9:27 AM W.C.A. Wijngaards wrote:
> |-----BEGIN PGP SIGNED MESSAGE----- |Hash: SHA1 | |Hi Mike, | |The
> operating system tells unbound that it cannot send to a 'normal' 
> |IP address.  (unbound has do-not-query and access-control in its 
> |config to block IPs you do not like). | |If you have a strange
> setup and traffic from clients not on localhost |arrives to
> and unbound tries to answer back, then this error |is
> normal for trying to send to 192... with source address 
> | |Otherwise, this must be traffic that unbound sends to
> nameservers |('upstream').  If you dig @ , is that
> also operation not |permitted? | |This error is not throttled by
> verbosity, because it is likely a local |misconfiguration.  The OS
> disallows network access to unbound ... | |Best regards, |
> Wouter =============
> Hi Wouter,
> I noticed the same excessive logging one time on another server 
> (FreeBSD 9.1, unbound 1.4.18).   I was doing some minor rack 
> reconfiguration, and I unplugged the network cable from the server 
> running unbound for a couple of seconds.  I saw a similar flood of
> log messages during the time that the network cable was unplugged.
> In the case I posted yesterday, perhaps the network was not yet 
> available when unbound started up, and for the two seconds until
> the network became available, unbound flooded the log with error
> messages. After those two seconds, unbound's logging was fine, and
> as expected.
> So in my experiences, it appears that unbound does the excessive 
> logging when DNS queries are being made and the network goes away,
> or is not available.
> My question through all this is: what is an appropriate volume of 
> logging for a program when that program experiences a network
> issue? In my opinion a logging rate of 20 messages in a millisecond
> (20,000 messages per second) might be a bit excessive.  A single
> "no network interface available", or something along those lines,
> might be more appropriate and helpful.

That is excessive.  So, the message is printed if you set verbosity
higher (2 = per query verbose).  If people need to debug they try to
set verbosity higher and can then get a dose of these errors if they
have them.  (you can briefly set verbosity higher and lower using

Best regards,

Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


More information about the Unbound-users mailing list