Unbound optimal settings

Simon-Bernard_Drolet · September 3, 2009, 11:40pm

Hi all,

We've been running Unbound in production for some months now.

Currently, I have 1.3.1 runing, getting ready to update to 1.3.3. We have three server in prod, each with one unbound running (2 thread each) in a zone. When we removed one server, we've started to have some problems. When I decided to stop one more server, leaving only one running, we had major dns problems. We have a lot of systems, we're doing web serving...

Here is how I compile unbound on Solaris 10 x86 5/09 with Sun Studio 12u1...

  export CC=cc
  ./configure \
    --prefix=/opt/unbound \
    --libexecdir=/opt/unbound/lib \
    --sysconfdir=/var/unbound/etc \
    --sharedstatedir=/var/unbound \
    --localstatedir=/var/unbound \
    --with-conf-file=/var/unbound/etc/unbound.conf \
    --with-run-dir=/var/unbound \
    --with-chroot-dir=/var/unbound \
    --with-pidfile=/var/unbound/run/unbound.pid \
    --with-username=nobody \
    --without-pthreads \
    --without-solaris-threads \
    --with-ldns=../ldns-1.6.1

As per the unbound optimize page says. So basically, I'm using the Forked operation...

The systems I have are Sun X4100 with a dual opteron :
# psrinfo -pv
The physical processor has 1 virtual processor (0)
  x86 (AuthenticAMD family 15 model 37 step 1 clock 2792 MHz)
    AMD Opteron(tm) Processor 254
The physical processor has 1 virtual processor (1)
  x86 (AuthenticAMD family 15 model 37 step 1 clock 2792 MHz)
    AMD Opteron(tm) Processor 254

and

# prtconf
System Configuration: Sun Microsystems i86pc
Memory size: 8064 Megabytes

So the question. What would be the optimal setup/configuration ?

This is currently what I'm using.

       do-ip6: no
        hide-identity: yes
        hide-version: yes
        infra-cache-slabs: 2
        interface: 0.0.0.0
        key-cache-slabs: 2
        msg-cache-size: 256m
        msg-cache-slabs: 2
        num-queries-per-thread: 950
        num-threads: 2
        outgoing-range: 950
        rrset-cache-size: 512m
        statistics-interval: 3600
        verbosity: 1
        access-control: 0.0.0.0/0 refuse
        access-control: 10.0.0.0/8 allow
        access-control: 127.0.0.0/8 allow
        access-control: 172.16.0.0/14 allow
        access-control: 192.168.0.0/16 allow

Base on what I understand, each of my Unbound server can serve 2x950 request each at the same time, right ?

Each of my dns servers are only running Unbound and nsd, ther are strip down. How can I increase drastically the number of request one server can process ?

The systems are mostly idle... and almost 4 Gb of ram is never being used.

Thank's.

Felix_Schueren · September 4, 2009, 5:36am

Simon,

Each of my dns servers are only running Unbound and nsd, ther are strip
down. How can I increase drastically the number of request one server
can process ?

You'll have to use libevent or something similiar - libevent supposedly
compiles on solaris, maybe you should give it a try.

The systems are mostly idle... and almost 4 Gb of ram is never being used.

you could increase msg/rr cache sizes, that would use more ram, but the
performance gain is probably negligible. What are the stats during
normal three-server operation? How many queries per second? For a rough
estimate, you could look at the network interfaces pps averages for the
the caching nameservers. If you don't collect stats yet, you should
definitively start to do so - have a look at munin & the munin unbound
plugin (in the contrib directory).

Kind regards,

Felix