I would like to ask devs and fellow users for opinions, experiences,
insight about optimal size of cache in a minimal / average / server
specs machine. I would also like to ask about the maximally feasible
size, in case one should want to use a significant part of it for
weeding out garbage. Yes, I have a firewall (and a file HOSTS) on
every machine and I have a router with filtering and firewall, but
sometimes laptops move around and a pocket mobile hotspot can hardly
do any filtering.
I would also like to ask where physically the cache is located. I
know, RTFM, but I did not find it easily, and searching the
mailinglist archive is not very easy - there should be a search box
Thank you a lot everyone
Daniela
Zitat von daniela daniela <daniela.daniela.daniela.daniela@gmail.com>:
Hallo and thank you to developers,
I would like to ask devs and fellow users for opinions, experiences,
insight about optimal size of cache in a minimal / average / server
specs machine. I would also like to ask about the maximally feasible
size, in case one should want to use a significant part of it for
weeding out garbage. Yes, I have a firewall (and a file HOSTS) on
every machine and I have a router with filtering and firewall, but
sometimes laptops move around and a pocket mobile hotspot can hardly
do any filtering.
The optimal cache size is easy: As much as you can provide without impacting other services on the machine. On the other hand even a too small cache whith Unbound have to purge results not expired yet, doesn't harm too much beside in corner cases.
I would also like to ask where physically the cache is located. I
know, RTFM, but I did not find it easily, and searching the
mailinglist archive is not very easy - there should be a search box
Thank you a lot everyone
Daniela
Not sure what you mean with "physically located". The cache is obviously in the machine RAM, but if you ask for the network location of the machine you should always get a close to your border router as possible.
The optimal cache size is easy: As much as you can provide without impacting
other services on the machine. On the other hand even a too small cache
whith Unbound have to purge results not expired yet, doesn't harm too much
beside in corner cases.
I am very puzzled because even on my old netbook which has only 2GB
ram, unbound (with standard parameters) is only 132 KB. So of course I
have the strong desire to drastically increase, but being pretty
clueless, I am also wary
Not sure what you mean with "physically located". The cache is obviously in
the machine RAM, but if you ask for the network location of the machine you
should always get a close to your border router as possible.
Thank you a lot, sorry for my bad english. So it would be better to
have the LAN query a machine / gateway which runs the service, as
opposed to activating the service on each machine to take care of
itself?
One more question, is there a way to feed data to unbound cache? Such
as blacklists or already resolved whitelists? I can only imagine the
brute force and crude method of inserting a huge load of stuff into
HOSTS file, run a script that calls all those IPs while I supposedly
sleep (do we ever sleep?), then feed it another chunk until it's all
done. More elegant solutions?
Zitat von daniela daniela <daniela.daniela.daniela.daniela@gmail.com>:
Thank you a lot Andreas,
The optimal cache size is easy: As much as you can provide without impacting
other services on the machine. On the other hand even a too small cache
whith Unbound have to purge results not expired yet, doesn't harm too much
beside in corner cases.
I am very puzzled because even on my old netbook which has only 2GB
ram, unbound (with standard parameters) is only 132 KB. So of course I
have the strong desire to drastically increase, but being pretty
clueless, I am also wary
You should keep the following in mind:
- The Unbound memory values are borders Unbound should not cross but in the ideal case are never reached
- DNS records are small and even some "tiny" MB can hold a lot of them, so the maximum cache size is often bigger as it needs to be
- Even if the cache boundery is hit the performance impact is typically low because the entries Unbound is forced to expire early are rarely used anyway
Not sure what you mean with "physically located". The cache is obviously in
the machine RAM, but if you ask for the network location of the machine you
should always get a close to your border router as possible.
Thank you a lot, sorry for my bad english. So it would be better to
have the LAN query a machine / gateway which runs the service, as
opposed to activating the service on each machine to take care of
itself?
Yes of course. The LAN latency is low and the more clients you have, the higher the cance that a DNS record is cached because of a previous question from an other client. That's the whole point of a cache to prevent asking the same question again across the slow internet link.
One more question, is there a way to feed data to unbound cache? Such
as blacklists or already resolved whitelists? I can only imagine the
brute force and crude method of inserting a huge load of stuff into
HOSTS file, run a script that calls all those IPs while I supposedly
sleep (do we ever sleep?), then feed it another chunk until it's all
done. More elegant solutions?
IMHO pre-warm the cache is not as useful as one might think. Many DNS records have a low TTL and are therefore expired before you will actually use them. You might try to set "prefetch: yes" to see if it helps in your case.
