Unbound Unbound Tuning for gaming

[Jack-Sparr0w]

I mean it is all on netgate and nlnetlabs. I think they have better info on this matter. besides every time I ask about something it is always a negative response. I hope you don't do that at work.

 

[Jack-Sparr0w]

If you want a better hit rate it is best to change these settings. That's all I'm gonna say take it as you will

 

[Tech9]

every time I ask about something

The answer to you question was provided few times already, but you refuse to accept it. DNS resolution is unrelated to gaming. Your Unbound may slow down first queries compared to built-in Dnsmasq as forwarder to upstream DNS resolver with much larger than yours cache and responding immediately. This is a fact no matter what settings you have in the configuration file.

If you want a better hit rate it is best to change these settings

If you want constant low hit rate at any time just uninstall Unbound and use Google, Cloudflare, OpenDNS, etc. upstream DNS resolvers with already built large cache. It will spare router resources and save the time for meaningless tuning efforts.

 

[Jack-Sparr0w]

I noticed a huge difference in overall responsiveness

 

[Jack-Sparr0w]

This forum is not the best place for info on unbound dns. I trust netgate and nlnetlabs labs on this. they have a professional document that is laid out nice. Unbound is used on many systems and the info can be found elsewhere.

 

[Tech9]

I trust netgate

Me too. I have two Netgate gaming appliances as gateways to my business networks.

You do whatever makes you happy, but test at some point the built-in Dnsmasq with Google upstream and compare the results with your DNS performance testing game, whatever it is. May get surprised by not noticing any difference without any tweaks.

 

[Difides]

The so-rcvbuf setting in Unbound DNS determines the size of the socket receive buffer used for handling incoming DNS queries. Setting so-rcvbuf to 4MB (so-rcvbuf: 4m) versus 1MB (so-rcvbuf: 1m) has implications for performance and system configuration:

• 4MB (so-rcvbuf: 4m): A larger buffer helps handle traffic spikes more effectively, reducing the risk of packet loss and improving reliability during high-load scenarios. This is particularly beneficial for busy DNS servers or environments with high query volumes. However, the operating system may impose limits on how large the buffer can be set. On Linux systems, you may need to adjust net.core.rmem_max via sysctlor run Unbound with root privileges to allow larger buffer sizes.
  
  6​
• 1MB (so-rcvbuf: 1m): A smaller buffer is generally sufficient for less busy environments. However, during traffic surges, it may lead to dropped packets or increased latency. Some systems may not even allow this value to be fully allocated, as seen in error messages like so-rcvbuf 1048576 was not granted. Got 425984.
  
  5​

In practice, using so-rcvbuf: 4m is recommended for better performance and reliability, especially on high-traffic or gaming-oriented DNS setups, provided that the system is configured to support the larger buffer size.

here we are still talking about dns translations .. with their buffer that keeps them in the buffer and their response speed .. however, I am absolutely sure that there is not a single game that could allocate a dns buffer larger than 1kb .. therefore, throwing an overflowing buffer does not happen .. games work on a completely different principle than spamming the domain system .. I have been working in the field of networks for many years and I understand the effort of any kind of tuning out .. but this is total nonsense .. if you want to create a dns server for a smaller corporate network it makes sense .. otherwise not at all

 

[Tech9]

but this is total nonsense

Let people do whatever makes them happy.

 

[Gary_Dexter]

Thanks for this thread.

I needed a good laugh today.

 

[Jack-Sparr0w]

why have a guide for unbound and not use it. Been on this forum for a long time. even when I asked how to use DoT with unbound all I ever get in the forum is flak. Must be doing something right if it bothers you. the instructions are clear on Netgate. It clearly states that this will help with hit rate.

 

[Tech9]

even when I asked how to use DoT with unbound all I ever get in the forum is flak

Because this one doesn't make sense either. Before you start using something you may want to know what is does and how it works.

 

[BoostOver]

This forum is not the best place for info on unbound dns. I trust netgate and nlnetlabs labs on this. they have a professional document that is laid out nice. Unbound is used on many systems and the info can be found elsewhere.

It's not our fault if you don't understand.
Try using other forums.
When you get the answer different from ours, you can come back here and celebrate that you (or your guide) are right.

 

[Jack-Sparr0w]

ip ratelimit 1000
so rcvbuf 2m
incoming num tcp 950 best for overhead 200 for lower end system
outgoing num tcp 200 best for overhead 75 for lower end system
cache max ttl 14400
# tiny memory cache
key-cache-size: 16m # L&LDv1.03 (Orig 8m) RT-AX88U For RT-AC86U use (8m)
msg-cache-size: 16m # L&LDv1.03 (Orig 8m) RT-AX88U For RT-AC86U use (8m)
rrset-cache-size: 32m # L&LDv1.03 (Orig 16m) RT-AX88U For RT-AC86U use (16m)
infra-cache-numhosts: 40000 (aligns with this setup) AC86U- 20000 infra-cache-numhosts

# no threads and no memory slabs for threads
num-threads: 4 # L&LDv1.03 (Orig 1) RT-AX88U For RT-AC86U use (2)
msg-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)
rrset-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)
infra-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)
key-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)

infra-keep-probing: yes
This is a default setting for pfSense, and many other vendors

infra-host-ttl: 900 works well with infra-keep-probing: yes

infra-cache-numhosts: 20000 or 40000 ax 88u

discard-timeout: 1900 use 3000 if you bind vpn
unwanted-reply-threshold: 5000000 leave to default on lower end system

use (vx) to edit unbound config file (stock settings are slow)

4 core cpu and 1 gig ram

 

[thiggins]

ok guys. No need to respond if you don't have any help to offer.

 

[Jack-Sparr0w]

3k views on this post so far

 

[BoostOver]

ok guys. No need to respond if you don't have any help to offer.

Help has been given.
We wrote that there's no benefit in optimizing name resolution...for online gaming.
If the person writing doesn't understand, is obtuse...
If tomorrow someone wrote that the earth is flat, they'd get the same response:
"Abandon all the influencers and start using your brain."

 

[Jack-Sparr0w]

val-bogus-ttl: 60
wait-limit-cookie: 10000
wait-limit: 1000
infra-cache-min-rtt: 1000
tcp-idle-timeout: 60000
infra-cache-max-rtt: 120000
max-reuse-tcp-queries: 200
tcp-auth-query-timeout: 3000
pad-responses: yes
pad-responses-block-size: 468
pad-queries: yes
pad-queries-block-size: 128
tls-use-sni: yes
http-max-streams: 100
ip-ratelimit-slabs: 4
ip-ratelimit-size: 16m
ratelimit-slabs: 4
ratelimit-size: 16m
http-query-buffer-size: 16m
http-response-buffer-size: 16m
stream-wait-size: 16m
quic-size: 16m
max-global-quota: 200
delay-close: 10000
udp-connect: yes
unknown-server-time-limit: 0 use unbound-control dump_infra in putty without logging into amtm to get value (Example use 1000)
msg-buffer-size: 65552
so-sndbuf: 2
tcp-reuse-timeout: 60000
so-reuseport: yes (amazing feature)
num-queries-per-thread: 100
outgoing-range: 200
ip ratelimit 1000
so rcvbuf 2m
incoming num tcp 950 best for overhead 200 for lower end system
outgoing num tcp 200 best for overhead 75 for lower end system
cache max ttl 14400
# tiny memory cache
key-cache-size: 16m
msg-cache-size: 16m
rrset-cache-size: 32m
infra-cache-numhosts: 40000 AX-88u (aligns with this setup) AC86U- 20000 infra-cache-numhosts

# no threads and no memory slabs for threads
num-threads: 4 # L&LDv1.03 (Orig 1) RT-AX88U For RT-AC86U use (2)
msg-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)
rrset-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)
infra-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)
key-cache-slabs: 4 # L&LDv1.03 (Orig 2) RT-AX88U For RT-AC86U use (2)

infra-keep-probing: yes
This is a default setting for pfSense, and many other vendors

infra-host-ttl: 900 works well with infra-keep-probing: yes

infra-cache-numhosts: 20000 or 40000 ax 88u

discard-timeout: 1900 use 3000 if you bind vpn
unwanted-reply-threshold: 5000000 leave to default on lower end system

use (vx) to edit unbound config file (stock settings are slow)

4 core cpu and 1 gig ram

might have to whitelist ASN for Nord Server with this type of setup

 

[Jack-Sparr0w]

works 10 fold now

 

[Viktor Jaep]

works 10 fold now

Can you share an image of your Unbound stats page for comparison? Here's mine:

 

[bibikalka]

Your math is wrong. No Unbound settings on your end-user device will make root servers respond faster nor cached queries reach local clients faster. Once resolved and cached the address is 1ms away for Ethernet connected gaming device. And skip AI generated crap.

1ms away ! That's like forever

My PiHole cached entries return in a few microseconds !!!