Hi,
I work at an ISP/NSP in Brazil. I'm planning an unbound DNS superserver to answer a lot of customers in our ISP.
This morning I made some tests with the latest unbound version (1.13.0), compiling it with the option --with-libevent.
After unbound started, I noticed the system is listening on TCP/UDP port 53 in more than one instance:
netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 3703/unbound
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 3703/unbound
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 3703/unbound
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 3703/unbound
tcp 0 0 127.0.0.1:8953 0.0.0.0:* LISTEN 3703/unbound
tcp6 0 0 :::53 :::* LISTEN 3703/unbound
tcp6 0 0 :::53 :::* LISTEN 3703/unbound
tcp6 0 0 :::53 :::* LISTEN 3703/unbound
tcp6 0 0 :::53 :::* LISTEN 3703/unbound
tcp6 0 0 ::1:8953 :::* LISTEN 3703/unbound
udp 0 0 0.0.0.0:53 0.0.0.0:* 3703/unbound
udp 0 0 0.0.0.0:53 0.0.0.0:* 3703/unbound
udp 0 0 0.0.0.0:53 0.0.0.0:* 3703/unbound
udp 0 0 0.0.0.0:53 0.0.0.0:* 3703/unbound
udp6 0 0 :::53 :::* 3703/unbound
udp6 0 0 :::53 :::* 3703/unbound
udp6 0 0 :::53 :::* 3703/unbound
udp6 0 0 :::53 :::* 3703/unbound
I have some questions in my mind and would like help to understand:
- Is this the expected result when unbound is compiled with libevent?
- Does num-threads: 4 create 4 unbound instances to load balance DNS queries?
- Using the parameter num-queries-per-thread: 4096, will every thread be able to serve 4096 queries?
That was my step-by-step config:
apt-get install make gcc libssl-dev libevent-dev libexpat1-dev libldns-dev libunbound2 libunbound-dev
cd /tmp
wget https://nlnetlabs.nl/downloads/unbound/unbound-latest.tar.gz
tar zxvf unbound-latest.tar.gz
cd unbound-1.13.0/
./configure --with-libevent
make && make install
groupadd unbound
useradd -c "Unbound DNS resolver" -d /home/unbound -m -g unbound -s /bin/false unbound
unbound-control-setup
vim /usr/local/etc/unbound/unbound.conf