Hello Wouter,

WW> Since you have a dual core machine, two threads should be enough.

ok, i'm try.

WW> Your first problem seems to be that you cannot connect (with) TCP to the

WW> internet, the tcp connects failed.  Could this be a NetBSD firewall problem?

yes, uses PF

..

pass in quick on wm1 inet proto tcp from any to XX.XX.XX.5 port = domain keep state

pass in quick on wm1 inet proto udp from any to XX.XX.XX.5 port = domain keep state

pass out quick on wm1 inet from XX.XX.XX.5 to any keep state

..

WW> The second problem (accept failed: resource unavail) seems to be like

WW> you are running out of file descriptors. 

WW> What is your ulimit? 

dunno. :(

WW> Did you compile with libevent or not? 

nope

./configure --prefix=/usr/pkg --host=i386--netbsdelf --mandir=/usr/pkg/man

i'm use pkgsrc for compile.

WW> And a more general, what is your configuration file?

WW> The third problem is that you are running out of memory, even though you

WW> have 3 Gb. Is this due to threads forking? What configuration do you

WW> use? Did you compile with or without pthreads?

 Then unbound reach SIZE=130M and RES>116M he was crash.

---

Memory: 1566M Act, 749M Inact, 7984K Wired, 22M Exec, 1490M File, 382M Free

Swap: 1028M Total, 55M Used, 973M Free

  PID USERNAME PRI NICE   SIZE   RES STATE      TIME   WCPU    CPU COMMAND

25715 unbound    2    0   117M  114M select/0   2:01  3.81%  3.81% unbound

---

..

server:

        verbosity: 0

        statistics-interval: 600

        num-threads: 1

        interface: xx.xx.xx.5

        outgoing-range: 256

        outgoing-port-permit: 32768-65000

        outgoing-num-tcp: 20

        incoming-num-tcp: 20

        msg-buffer-size: 65552

        msg-cache-size: 64m

        msg-cache-slabs: 4

        num-queries-per-thread: 1024

        rrset-cache-size: 128m

        rrset-cache-slabs: 4

        cache-max-ttl: 86400

        infra-host-ttl: 900

        infra-lame-ttl: 900

        infra-cache-numhosts: 10000

        infra-cache-lame-size: 10k

        do-ip4: yes

        do-ip6: no

        do-udp: yes

        do-tcp: yes

        do-daemonize: yes

        access-control: 0.0.0.0/0 refuse

        access-control: xx.xx.128.0/20 allow

        access-control: xx.xx.48.0/20 allow

        access-control: 127.0.0.0/8 allow

        logfile: "unbound_ul.log"

        use-syslog: no 

        root-hints: "named.cache"

        hide-identity: yes

        hide-version: yes

        identity: "DNS"

        version: "1.1"

        harden-glue: yes

        do-not-query-localhost: no

        module-config: "iterator"

include: "/usr/local/etc/unbound/my_zones_fwd.conf"

..