error: outgoing tcp: bind: Address already in use
Nick Urbanik
nick.urbanik at optusnet.com.au
Wed Jul 12 04:37:06 UTC 2017
Dear Wouter,
On 06/07/17 10:30 +0200, W.C.A. Wijngaards via Unbound-users wrote:
>Hi Nick,
>
>The config number for outgoing tcp is likely too low. outgoing-num-tcp:
>1000
We had it set to 3000. The machine is a resolver, with four machines
forwarding to it. It has normal traffic of about 8,000 queries per
second. The caches have up to 45,000 queries per second.
>Also, you may be running out of port numbers, perhaps this causes the
>'bind a tcp socket returns errno Address already in use', because the
>choice of port number was left to the kernel? Unless you force a
>particular port number in the config, but that is unlikely.
Please can you suggest how I might do that?
>People usually want to change the kernel handling of timewait with
>port reuse when that happens.
So that is through a sysctl setting, I expect.
>Best regards, Wouter
>
>On 06/07/17 10:13, Nick Urbanik via Unbound-users wrote:
>> Dear Folks,
>>
>> A DNS server running unbound 1.6.3 has these messages; any suggestions
>> on what is happening?
>>
>> error: serviced_tcp_initiate: failed to send tcp query
>> error: outgoing tcp: bind: Address already in use
Here is the configuration, which is complete, except for the
access-control statements, which are included from
/etc/unbound/local.d/*.conf. No other statements are included.
Can you suggest any possible changes to better support TCP queries?
include: /etc/unbound/conf.d/*.conf
remote-control:
control-cert-file: /etc/unbound/unbound_control.pem
control-enable: yes
control-interface: 127.0.0.1
control-key-file: /etc/unbound/unbound_control.key
server-cert-file: /etc/unbound/unbound_server.pem
server-key-file: /etc/unbound/unbound_server.key
server:
auto-trust-anchor-file: /var/lib/unbound/root.key
chroot: ""
directory: /etc/unbound
dlv-anchor-file: /etc/unbound/dlv.isc.org.key
do-ip6: no
extended-statistics: yes
harden-below-nxdomain: yes
harden-glue: yes
harden-referral-path: yes
hide-identity: yes
hide-version: yes
include: /etc/unbound/local.d/*.conf
incoming-num-tcp: 3000
infra-cache-numhosts: 40000
infra-cache-slabs: 16
interface: 127.0.0.1
interface: 130.232.53.173
interface: 20.81.34.106
interface: 24.219.107.46
interface-automatic: no
key-cache-size: 128m
key-cache-slabs: 16
log-time-ascii: yes
logfile: /var/log/unbound/unbound.log
max-udp-size: 3072
minimal-responses: yes
msg-cache-size: 800m
msg-cache-slabs: 16
neg-cache-size: 128m
num-queries-per-thread: 16384
num-threads: 8
outgoing-interface: 24.219.107.46
outgoing-num-tcp: 3000
outgoing-port-avoid: 0-2767
outgoing-port-permit: 2768-65535
outgoing-range: 49152
pidfile: /var/run/unbound/unbound.pid
prefetch: yes
prefetch-key: yes
ratelimit: 1000
ratelimit-factor: 10
ratelimit-for-domain: . 10000
ratelimit-for-domain: com. 10000
ratelimit-for-domain: dlv.isc.org. 10000
ratelimit-for-domain: edu. 5000
ratelimit-for-domain: gov. 5000
ratelimit-for-domain: net. 5000
ratelimit-for-domain: org. 5000
ratelimit-size: 128m
ratelimit-slabs: 8
rrset-cache-size: 1600m
rrset-cache-slabs: 16
rrset-roundrobin: yes
so-rcvbuf: 8m
so-reuseport: yes
so-sndbuf: 8m
statistics-cumulative: yes
trusted-keys-file: /etc/unbound/keys.d/*.key
unwanted-reply-threshold: 10000000
username: unbound
--
Nick Urbanik http://nicku.org 808-71011 nick.urbanik at optusnet.com.au
GPG: 7FFA CDC7 5A77 0558 DC7A 790A 16DF EC5B BB9D 2C24 ID: BB9D2C24
I disclaim, therefore I am.
More information about the Unbound-users
mailing list