Unbound Serve expired; cache hit rate reducing with time
Andy Lemin
andrew.lemin at gmail.com
Thu Aug 1 18:07:18 UTC 2024
Hi Yorgos,
Nice, yes that DNSSEC issue does seem related!
I notice the last comments were 6 months ago, but it has been marked for 1.22.
Issac, in the meantime we should each try to document our specific cases with reproducible examples if possible (and reference the above issue).
Our issues may prove to be easier to start with.
Thanks again for your help.
Andy.
> On 1 Aug 2024, at 16:35, Yorgos Thessalonikefs via Unbound-users <unbound-users at lists.nlnetlabs.nl> wrote:
> Hi Andy, Issac,
>
> Maybe you are both hitting a variation of
> https://github.com/NLnetLabs/unbound/issues/994.
> Namely, Unbound when resolving will try to update the cache with new data even if the stale data would have been more useful.
> There is ongoing work to make Unbound more careful with replacing cached content when serve-expired is used.
>
> Best regards,
> -- Yorgos
>
> On 01/08/2024 04:46, Andy Lemin via Unbound-users wrote:
>> Hi,
>> I have a similar experience, where prefetch seems to poison the cache with negative responses.
>> This is a good read; https://unbound.docs.nlnetlabs.nl/en/latest/topics/core/serve-stale.html <https://unbound.docs.nlnetlabs.nl/en/latest/topics/core/serve-stale.html>
>> Can any one clarify a parameter combination which allows immediate cache responses, and which tells prefetch to always ignore negative responses?
>> I wonder if taking the advice of the above article (and being mindful of this https://github.com/NLnetLabs/unbound/issues/533 <https://github.com/NLnetLabs/unbound/issues/533> it is possible to get this working). Just can’t figure out how to force prefetch to ignore negative responses.
>> Please share your results :)
>> Andy.
>>> On 31 Jul 2024, at 20:33, sir izake via Unbound-users <unbound-users at lists.nlnetlabs.nl> wrote:
>>>
>>> Hi
>>> I have installed unbound version: 1.20.0 on a FreeBSD 14 server. This was working fine until the server lost internet connectivity to the upstream internet provider. Prior to this the average cache hit rate on the server was 99.0% with only 1% recursive replies.
>>> Part of my unbound.conf file is shown below
>>> server: prefetch: yes serve-expired: yes
>>> # serve-expired-ttl: 0
>>> # serve-expired-ttl-reset: no
>>> After loss of internet average cache hit rate has reduced to 14% whiles recursive queries is showing 86% (still internet is not restored)
>>> My expectation is
>>> Caching server should continue to serve expired and keep the cache hit rate high because the serve-expired-ttl is default
>>> (meaning it should continue serving cached content until upstream is restored).
>>> My observation is the opposite. Is there anything I am missing? How can i ensure that the caching server will continue serving cache data several days after upstream
>>> internet is lost
>>> Regards
>>> Isaac
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20240802/0be574ef/attachment.htm>
More information about the Unbound-users
mailing list