Unbound low cache hit rate

[minhgi]

For me, I was getting unbound hit rate from 30%-35% to 65%-75% once I made this change. Remove any upstream server from Cloudflare, quad9, and etcs from Adguad Home. Just include the unbound ipv4 and ipv6. For DoT, I just enabled on unbound end.

127.0.0.1:53535
tcp://127.0.0.1:53535
[::0]:53535
tcp://[::0]:53535
[/f.e.4.5.0.c.1.5.2.0.7.1.0.0.6.2.ip6.arpa/][::]:553
[/router.asus.com/][::]:553
[/www.asusnetwork.net/][::]:553
[/www.asusrouter.com/][::]:553
[/use-application-dns.net/][::]:553
[/dns.resolver.arpa/][::]:553
[/lan/][::]:553
[//][::]:553

 

[bluzfanmr1]

 

[minhgi]

Just add serve-expired-client-timeout: 0 to unbound and the hit rate jump up too 95%. what the hack.

After researching some more:
From this post: https://github.com/NLnetLabs/unbound/issues/1175
serve-expired-client-timeout: 1800 is the default for unbound. The line does not exist in the configure file.

 

[minhgi]

Unbound responded time. Guess I am using a not so good USB.

 

[bluzfanmr1]

Unbound responded time. Guess I am using a not so good USB.

View attachment 67293

I use a good Samsung SSD in an enclosure and USB3. I also have ipv6 turned off so I'm not sure if that makes any difference.

 

[amplatfus]

Unbound responded time. Guess I am using a not so good USB.

View attachment 67293

Hi,
Please, could you share how can I test myself?
10q

 

[bluzfanmr1]

 

[minhgi]

I use a good Samsung SSD in an enclosure and USB3. I also have ipv6 turned off so I'm not sure if that makes any difference.

I am sure it the same millisecond since the client only requests either ip4 or ipv6, whichever preferred by the device.

 

[Gary_Dexter]

Just add serve-expired-client-timeout: 0 to unbound and the hit rate jump up too 95%. what the hack.

After researching some more:
From this post: https://github.com/NLnetLabs/unbound/issues/1175
serve-expired-client-timeout: 1800 is the default for unbound. The line does not exist in the configure file.

View attachment 67292

If it doesn’t exist in the config with anything other than the default value, it will be active still (with the default value).

 

[minhgi]

If it doesn’t exist in the config with anything other than the default value, it will be active still (with the default value).

I rem out that line. While the cache performance number is expressed, I tend to gear to unbound recommend setting. Took a little page from your config such as num-thread and the 4 stacks line.

 

[Gary_Dexter]

I rem out that line. While the cache performance number is expressed, I tend to gear to unbound recommend setting. Took a little page from your config such as num-thread and the 4 stacks line.

What did you rem it to?

 

[Viktor Jaep]

What did you rem it to?

Old skool way of saying he added a # to the front of the line.

 

[Gary_Dexter]

I know.

But doing that will cause it to be activated with the default value still.

Which is why I couldn’t fathom why it was rem’d…

 

[ColinTaylor]

I'm not using unbound, but I have one question.
Does dnsmasq also has a DNS cache?

Slightly off-topic, but dnsmasq has its own equivalent to Unbound's:

serve-expired-ttl: 86400
serve-expired-client-timeout: 0

which is:

use-stale-cache

(it defaults to 86400 seconds)

I tried this out of curiosity and the hit rate went from ~30% to ~80%. But that's very much dependent on the sort of traffic your network generates. I'm looking at you, Ubuntu Server and your endless connectivity checks.

 

[Viktor Jaep]

Slightly off-topic, but dnsmasq has its own equivalent to Unbound's:

Please get back on-topic, sir. This is your last warning!