fatal error: Could not set up local zones
Stuart Henderson
stu at spacehopper.org
Mon Dec 24 22:46:20 UTC 2018
On 2018-12-17, Brian Marshall via Unbound-users <unbound-users at nlnetlabs.nl> wrote:
>
> Hello list,
>
> I am running unbound 1.66 on OpenBSD and import a couple of
> spam/malware/c&c lists that I blackhole via local zone data in unbound.
> I seem to have run into some kind of limitation on the number of records
> I can load. I get the following error recently when my list reached
> 156550 local-data entries :
>
> unbound: [50167:0] error: out of memory adding local data
> unbound: [50167:0] fatal error: Could not set up local zones
>
> and the process exits.
>
> Is there a way to increase the maximum number of local entries that can
> be loaded?
> Thanks!
>
> -Brian Marshall
>
>
> PS:
>
>
> Version 1.6.6
> linked libs: pluggable-libevent 1.4.15-stable (it uses kqueue), LibreSSL
> 2.6.3
> linked modules: dns64 respip validator iterator
>
You are bumping into an OS limit set in login.conf. If you're starting
unbound the normal way via "rcctl start unbound" then it will be using
the class named "unbound" and you can check the configured limit like
this:
# su -c unbound -s /bin/sh _unbound -c "ulimit -a"
However the default login.conf provided with the OS doesn't impose any
particular limit for unbound, so the CPU architecture's MAXDSIZ is the
only limiting factor, 32Gb on amd64, so I suspect you are probably
not starting unbound the normal way.
That is a huge number of local-data entries though. You might be
better off using something more optimized for blocking. Maybe
worth looking at "adsuck" and configuring that to use a local
unbound instance as a forwarder instead.
More information about the Unbound-users
mailing list