Unbound Serve expired; cache hit rate reducing with time
Yorgos Thessalonikefs
yorgos at nlnetlabs.nl
Wed Sep 25 14:22:31 UTC 2024
Hi Andy, Isaac,
FYI, the relevant fixes [1] were merged and this will be included in the
upcoming 1.22.0 release.
An announcement in this mailing list will happen when that is ready.
Best regards,
-- Yorgos
[1] https://github.com/NLnetLabs/unbound/pull/1143
On 01/08/2024 20:07, Andy Lemin wrote:
> Hi Yorgos,
>
> Nice, yes that DNSSEC issue does seem related!
> I notice the last comments were 6 months ago, but it has been marked for
> 1.22.
>
> Issac, in the meantime we should each try to document our specific cases
> with reproducible examples if possible (and reference the above issue).
>
> Our issues may prove to be easier to start with.
> Thanks again for your help.
> Andy.
>
>
>> On 1 Aug 2024, at 16:35, Yorgos Thessalonikefs via Unbound-users
>> <unbound-users at lists.nlnetlabs.nl> wrote:
>>
>> Hi Andy, Issac,
>>
>> Maybe you are both hitting a variation of
>> https://github.com/NLnetLabs/unbound/issues/994.
>> Namely, Unbound when resolving will try to update the cache with new
>> data even if the stale data would have been more useful.
>> There is ongoing work to make Unbound more careful with replacing
>> cached content when serve-expired is used.
>>
>> Best regards,
>> -- Yorgos
>>
>> On 01/08/2024 04:46, Andy Lemin via Unbound-users wrote:
>>> Hi,
>>> I have a similar experience, where prefetch seems to poison the cache
>>> with negative responses.
>>> This is a good read; https://unbound.docs.nlnetlabs.nl/en/latest/
>>> topics/core/serve-stale.html <https://unbound.docs.nlnetlabs.nl/en/
>>> latest/topics/core/serve-stale.html>
>>> Can any one clarify a parameter combination which allows immediate
>>> cache responses, and which tells prefetch to always ignore negative
>>> responses?
>>> I wonder if taking the advice of the above article (and being mindful
>>> of this https://github.com/NLnetLabs/unbound/issues/533 <https://
>>> github.com/NLnetLabs/unbound/issues/533> it is possible to get this
>>> working). Just can’t figure out how to force prefetch to ignore
>>> negative responses.
>>> Please share your results :)
>>> Andy.
>>>> On 31 Jul 2024, at 20:33, sir izake via Unbound-users <unbound-
>>>> users at lists.nlnetlabs.nl> wrote:
>>>>
>>>>
>>>> Hi
>>>> I have installed unbound version: 1.20.0 on a FreeBSD 14 server.
>>>> This was working fine until the server lost internet connectivity to
>>>> the upstream internet provider. Prior to this the average cache hit
>>>> rate on the server was 99.0% with only 1% recursive replies.
>>>> Part of my unbound.conf file is shown below
>>>>
>>>> server: prefetch: yes serve-expired: yes
>>>> # serve-expired-ttl: 0
>>>> # serve-expired-ttl-reset: no
>>>> After loss of internet average cache hit rate has reduced to 14%
>>>> whiles recursive queries is showing 86% (still internet is not restored)
>>>> My expectation is
>>>> Caching server should continue to serve expired and keep the cache
>>>> hit rate high because the serve-expired-ttl is default
>>>> (meaning it should continue serving cached content until upstream is
>>>> restored).
>>>> My observation is the opposite. Is there anything I am missing? How
>>>> can i ensure that the caching server will continue serving cache
>>>> data several days after upstream
>>>> internet is lost
>>>> Regards
>>>> Isaac
>>>>
>>>>
>>>>
More information about the Unbound-users
mailing list