unbound generating too many log messages
wouter at nlnetlabs.nl
Tue Jan 19 15:41:08 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
On 19/01/16 16:20, Taylor R Campbell via Unbound-users wrote:
> Date: Tue, 19 Jan 2016 13:05:09 +0100 From: Dag-Erling Smørgrav via
> Unbound-users <unbound-users at unbound.net>
> Philippe Meunier via Unbound-users <unbound-users at unbound.net>
>> After booting, unbound and ntpd both start without problem. Then
>> ntpd automatically starts trying to contact NTP servers from
>> pool.ntp.org, which triggers DNS queries. In turn unbound tries
>> to contact root DNS servers and fails since no network interface
>> is configured yet.
> That shouldn't happen. OpenBSD's /etc/rc doesn't start unbound and
> ntpd until after /etc/netstart, which configures your network
> interfaces. The order is roughly pf (stub ruleset) - netstart - pf
> (real ruleset) - early daemons (including unbound and ntpd) - ipsec
> - rpc, nis and nfs - everything else.
> That's irrelevant to the issue Philippe raised. The network is
> not always available, no matter how well you configure your system
> or engineer your software. The problem here is that when the
> network is down, Unbound spews junk to its log as fast as it can.
> For years I've seen exactly the same issue as Philippe reported,
> and I asked about it on unbound-users a long time ago with no
> I have more or less worked around it by using daemontools
> multilog instead of syslog in order to reliably limit the size and
> throughput of the log files and to prevent them from interfering
> with other logs. But that's a workaround, not a fix.
There was already a similar for for permission denied spammed when the
network was down. But your system returns a different errno in that
situation. I have squelched the errno EADDRNOTAVAIL (Cannot assign
requested address): it is hidden when verbosity is low, visible if you
increase the verbosity. That hopefully keeps Philippe's logs clean.
Best regards, Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the Unbound-users