Unbound: slow issues.

tailings at gmx.com tailings at gmx.com
Sun Oct 23 22:25:53 UTC 2016


I am running Unbound on FreeBSD, initially 10.3 and now 11, I tried the 
one on the FreeBSD Base, and now the Port (unbound-1.5.10) compiled with 
libevent support.

The problem I am experiencing is, from time to time unbound become 
utterly slow or do not resolve anything, or almost anything.

I did several changes on unbound.conf file and the problem now return 
about one time a day when just me (one user) is using Unbound as 
resolver. If a second user begin to using Unbound at same time it became 
slow as described until it have just one user again.

I opened a post on FreeBSD forum, what have more information:


I need to add I also tried without success to disable PF firewall 
looking for any kind of firewall related issue. Also, this is my current 

# This file was generated by local-unbound-setup.
# Modifications will be overwritten.
         port: 53
         username: unbound
         directory: /usr/local/etc/unbound
         chroot: /usr/local/etc/unbound
         pidfile: /usr/local/etc/unbound/unbound.pid
         auto-trust-anchor-file: /usr/local/etc/unbound/root.key
         root-hints: "/usr/local/etc/unbound/root.hints"

         logfile: log/unbound.log
         log-time-ascii: yes
         val-log-level: 2

         do-ip6: no
         do-tcp: yes


         access-control: allow
         access-control: allow

         private-domain: mydomain.com

         qname-minimisation: yes
         minimal-responses: no
         hide-identity: yes
         hide-version: yes
         do-not-query-localhost: no
         val-clean-additional: yes

         harden-glue: yes
         harden-dnssec-stripped: yes

         unwanted-reply-threshold: 10000

         prefetch: yes
         prefetch-key: yes

         cache-min-ttl: 3600
         cache-max-ttl: 86400

         num-threads: 4
         msg-cache-slabs: 8
         rrset-cache-slabs: 8
         infra-cache-slabs: 8
         key-cache-slabs: 8
         rrset-cache-size: 100m
         msg-cache-size: 50m
         outgoing-range: 8192
         num-queries-per-thread: 4096
         so-rcvbuf: 1m
         so-sndbuf: 1m

         unblock-lan-zones: yes
         insecure-lan-zones: yes

include: /usr/local/etc/unbound/conf.d/*.conf

#       name: .
#       forward-addr:
#       forward-addr:

         control-enable: yes
         control-interface: /usr/local/etc/unbound/unbound.ctl
         control-use-cert: no

Thank you!

More information about the Unbound-users mailing list