unbound generating too many log messages
the.lists at mgm51.com
Tue Jan 19 15:37:48 UTC 2016
On 1/19/2016 10:20 AM, Taylor R Campbell via Unbound-users wrote:
> Date: Tue, 19 Jan 2016 13:05:09 +0100
> From: Dag-Erling Smørgrav via Unbound-users <unbound-users at unbound.net>
> Philippe Meunier via Unbound-users <unbound-users at unbound.net> writes:
> > After booting, unbound and ntpd both start without problem. Then ntpd
> > automatically starts trying to contact NTP servers from pool.ntp.org,
> > which triggers DNS queries. In turn unbound tries to contact root DNS
> > servers and fails since no network interface is configured yet.
> That shouldn't happen. OpenBSD's /etc/rc doesn't start unbound and ntpd
> until after /etc/netstart, which configures your network interfaces.
> The order is roughly pf (stub ruleset) - netstart - pf (real ruleset) -
> early daemons (including unbound and ntpd) - ipsec - rpc, nis and nfs -
> everything else.
> That's irrelevant to the issue Philippe raised. The network is not
> always available, no matter how well you configure your system or
> engineer your software. The problem here is that when the network is
> down, Unbound spews junk to its log as fast as it can.
At one point, on this mailing list I documented 20,000 syslog messages
per second from unbound when the network interface was unavailable for a
couple of seconds.
While unbound logging has improved a bit since then, I still see far too
many essentially duplicate syslog messages for a single network
If I need high volume logging for troubleshooting, I'll increase the
logging verbosity. Logging should be something that is helpful, not
something I cringe about.
More information about the Unbound-users