diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-21 17:19:04 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-21 17:19:04 +0000 |
commit | 310edf444908b09ea6d00c03baceb7925f3bb7a2 (patch) | |
tree | 7064577c7fa7a851e2e930beb606ea8237b0bbd2 /health/guides/unbound/unbound_request_list_dropped.md | |
parent | Releasing debian version 1.44.3-2. (diff) | |
download | netdata-310edf444908b09ea6d00c03baceb7925f3bb7a2.tar.xz netdata-310edf444908b09ea6d00c03baceb7925f3bb7a2.zip |
Merging upstream version 1.45.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'health/guides/unbound/unbound_request_list_dropped.md')
-rw-r--r-- | health/guides/unbound/unbound_request_list_dropped.md | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/health/guides/unbound/unbound_request_list_dropped.md b/health/guides/unbound/unbound_request_list_dropped.md deleted file mode 100644 index deed815ee..000000000 --- a/health/guides/unbound/unbound_request_list_dropped.md +++ /dev/null @@ -1,38 +0,0 @@ -### Understand the alert - -The `unbound_request_list_dropped` alert indicates that the Unbound DNS resolver is dropping new incoming requests because its request queue is full. This situation may be caused by a high volume of DNS queries, possibly from a Denial of Service (DoS) attack or poor server optimization. - -### Troubleshoot the alert - -1. **Check the request queue length**: Inspect the Unbound configuration file (usually located at `/etc/unbound/unbound.conf`) and check the `num-queries-per-thread` setting. If the value is too low for your system, you may encounter issues with dropped requests. - -2. **Increase the queue length**: If necessary, increase the `num-queries-per-thread` value in the Unbound configuration file. For example, if the current value is 1024, you can try setting it to a higher value, such as 2048 or 4096. Save the changes and restart the Unbound service: - - ``` - sudo systemctl restart unbound - ``` - -3. **Monitor dropped requests**: Use the `unbound-control` command to monitor the number of dropped requests in real-time: - - ``` - sudo unbound-control stats_noreset | grep num.requestlist.dropped - ``` - - If you see the dropped requests decreasing, your changes to the `num-queries-per-thread` value may have resolved the issue. - -4. **Inspect server logs**: Check the Unbound log file (usually located at `/var/log/unbound.log`) for any suspicious activity or error messages that may indicate the cause of the increased DNS queries. - -5. **Check for potential DoS attacks**: Use tools like `iftop`, `nload`, or `nethogs` to monitor network traffic and identify any potential DoS attacks or unusual traffic patterns. - - If you believe your server is experiencing a DoS attack: - - - Investigate the source IP addresses of the high-volume traffic - - Block malicious traffic using firewall tools like `iptables` or `ufw` - - Contact your hosting provider, ISP, or network administrator for assistance - -6. **Optimize Unbound**: Review the [official Unbound documentation](https://nlnetlabs.nl/documentation/unbound/) and tune the settings in the Unbound configuration file to ensure optimal performance for your specific environment. - -### Useful resources - -1. [Unbound Official Documentation](https://nlnetlabs.nl/documentation/unbound/) -2. [How to set up a DNS Resolver with Unbound](https://calomel.org/unbound_dns.html) |