What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Unbound low cache hit rate

John DeLuca

John DeLuca

Regular Contributor
Hello does anyone know why my unbound would be close to 40 cache misses I had a previous setup on my old router and I was close 90%+ hit rate. Could there be something wrong with my settings?
 
John DeLuca said:
Hello does anyone know why my unbound would be close to 40 cache misses I had a previous setup on my old router and I was close 90%+ hit rate. Could there be something wrong with my settings?
Click to expand...
I believe it has something to do with new 3.0.0.6 firmware and/or if using GuestNetworkPro:

Thread 'After upgrading to firmware version 3006 that Unbound's hit rate has decreased?' https://www.snbforums.com/threads/a...6-that-unbounds-hit-rate-has-decreased.95001/

I haven't used Unbound in a while so i cant help much. See similar post
 
It may also be related to the latest version of unbound package from Entware.
I have also lower cache percentage. The only change was update of Entware packages, without any changes to unbound.conf or firmware version.
 
Running latest here (1.23.0)

Screenshot 2025-07-31 at 9.00.41 AM.png
 
Unbound made changes to the way serve-expired is now handled.

By default, the serve-expired-ttl is now 86400 seconds (rather than 0 - ie infinite), and serve-expired-client-timeout is now 1800ms (Time in milliseconds before replying to the client with expired data. This essentially enables the serve-stale behavior as specified in RFC 8767 that first tries to resolve before immediately responding with expired data. Setting this to 0 will disable this behavior and instead serve the expired record immediately from the cache before attempting to refresh it via resolution.)

This means if DNS can’t resolve with a “clean” reply within 1800ms it will then (and only then) serve the expired/cached reply.
 
Gary_Dexter said:
Unbound made changes to the way serve-expired is now handled.

By default, the serve-expired-ttl is now 86400 seconds (rather than 0 - ie infinite), and serve-expired-client-timeout is now 1800ms (Time in milliseconds before replying to the client with expired data. This essentially enables the serve-stale behavior as specified in RFC 8767 that first tries to resolve before immediately responding with expired data. Setting this to 0 will disable this behavior and instead serve the expired record immediately from the cache before attempting to refresh it via resolution.)

This means if DNS can’t resolve with a “clean” reply within 1800ms it will then (and only then) serve the expired/cached reply.
Click to expand...
Thank you for reply.
În my case I checked the backup of Unbound.conf before update to 1.23.0 and is the same with the current. In both I have:

Code: 
serve-expired: yes
serve-expired-ttl: 86400
 
Gary_Dexter said:
You need to override this one and set to 0 in your config, otherwise it will default to 1800ms:

serve-expired-client-timeout: 0
Click to expand...
That setting is not part of the default unbound.conf file, at least ours here. Does that mean it needs to be added?
 
I can report after 1 hour with this change the cache hit % doubled to 50% and climbing. Surfing is back to what it used to be where it was zippy and there wasn't that pause with every click.
 
You must log in or register to reply here.

Similar threads

aru
Unbound After upgrading to firmware version 3006 that Unbound's hit rate has decreased?
Replies
15
Views
784
Gary_Dexter
Gary_Dexter
muffintastic
Unbound Force all DNS requests through Unbound using iptables?
Replies
18
Views
2K
aru
aru
M
ASUS GT-AXE16000 Pihole+Unbound
Replies
9
Views
833
mustardquail
M
S
AdguardHome + Unbound on Pi4 Correct DNS settings
Replies
6
Views
2K
sammyano
S
Q
Problems unbound reverse proxy
Replies
2
Views
987
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
Jack-Sparr0w Unbound Unbound first install questions? Asuswrt-Merlin AddOns 1
Jack-Sparr0w Unbound Harden Unbound Asuswrt-Merlin AddOns 13
Jack-Sparr0w Unbound Unbound Tuning for gaming Asuswrt-Merlin AddOns 31
aru Unbound After upgrading to firmware version 3006 that Unbound's hit rate has decreased? Asuswrt-Merlin AddOns 15
sentinelvdx Unbound Setup Unbound to work with Diversion and ASUS DDNS Asuswrt-Merlin AddOns 3
Jack-Sparr0w Does this look right for Nord VPN Unbound setup, the extra address worked Asuswrt-Merlin AddOns 22
Jack-Sparr0w How to use forward-zone in Unbound? Asuswrt-Merlin AddOns 1
Jack-Sparr0w Is it possible to add more addresses in unbound dns firewall? Asuswrt-Merlin AddOns 7
Jack-Sparr0w Unbound Redirect Internet traffic through tunnel best setting for unbound dns and vpn Asuswrt-Merlin AddOns 3
Gen10 Unbound unable to resolve certain domains (DNS address could not be found. Diagnosing the problem. DNS_PROBE_POSSIBLE) Asuswrt-Merlin AddOns 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 864 (members: 30, guests: 834)
Back
Top