Re: Heavy duty unbound

Hello Jin

Thanks for your reply, Can you show me where can I learn how to setup with
ASN, since this server is for ISP and have ASN

Best Regards

Baha Gia

On Tue, Aug 9, 2022 at 6:37 AM jin guojun <jguojun@gmail.com> wrote:

> This could be related to your network topology.
>
> If you have a real gateway with AS # (ASN) set properly, you should not
> see this problem.
>
> If you have a home router that serves your NAT, and your gateway is an ISP
> port, and this port IP is mapped to your service IP (DNS, HTTP, etc) via
> NAT, then any of your local network traffic to use your services tied to
> this IP may experience the problem you had.
> This is depending on what kind of internal router is behind the ISP modem.
> If you have all in one Modem/Router, it is likely to see the problem. Some
> routers may even prevent such traffic flow. This is because of the
> All-in-one internal traffic rerouting.
> If you have a separate Modem and Router, you can sniff the traffic between
> the router and the modem, the traffic between the client and the router, as
> well as between the router and the server, then you may find some
> redirecting traffic issues, which causes CPU usage due to massive packet
> dropping and resending.
>
> -Jin
>
> On Mon, Aug 8, 2022 at 3:21 PM Bahagia BAG <csf.server.bag@gmail.com>
> wrote:
>
>> Hello All,
>>
>> I have unbound setup as a dns cache server
>> The problem is if I give dns query traffic from my network, the server is
>> very lagging
>> and if i run top, unbound  is 166.43%
>> sometimes I can't ssh login to the server
>> I received an error log like this
>>
>> Limiting icmp unreach response from 203 to 193 packets/sec
>> Limiting icmp unreach response from 222 to 197 packets/sec
>> Limiting icmp unreach response from 228 to 194 packets/sec
>>
>> How can I tweak and optimize this server?
>>
>> Thanks in advance
>>
>> Baha Gia
>>
>>