unbound and traffic shaping cause "sendto failed: No buffer space available"



  • Hi, I used the traffic shaping wizard to create Multiple Lan/Wan for 1 LAN and 1 WAN, PRIQ for both LAN and WAN, no VoIP, penalty box,
    with "Lower priority of Peer-to-Peer traffic" p2pCatchAll and all default values for protocols, except HTTP is high.
    The problem is, whenever I activate the traffic shaper, I get a lot of the following in the log entries of unbound:

    Jun 27 12:30:52 unbound 82505:0 notice: remote address is 192.168.3.28 port 58956
    Jun 27 12:30:52 unbound 82505:0 notice: sendto failed: No buffer space available

    with a lot of remote addresses and random ports. Can someone please point out what I'm doing wrong? Thank you.



  • So I removed the traffic shaper on LAN, but now download traffic is not shaped, only upload is shaped. Is there no way to have download speed shaped without hurting DNS requests on LAN while using unbound?



  • Hi,

    What about this one: inform pfSense that it should allocate some more "buffers"?

    Also: unbound doesn't use the LAN interface ....
    What about making a priority queue for all "port 53" requests, as you did for http (https I presume, http is nearly gone now)?



  • I assumed the buffer is just a log entry by unbound that the connection has dropped, while actually it's not caused by buffer, but by bandwidth shaping. Setting a priority for DNS port 53 didn't solve the issue, the same error kept showing up. And how do I allocate more buffer? I used the maximum buffer for unbound, 512 MB, and only disabling traffic shaping did solve the buffer issue. Is there a buffer for bandwidth shaping? How can I prevent the requests for DNS not being shaped altogether?



  • Well, I presume that "sendto" will be a low-level kernel function that works in relation to the IP stack.
    It might as well be this one: [image: 9f71fdcd-cf39-467e-927f-ce2d3319513f-image.png]



  • That's at 1% max on my installation, I don't think that's an issue here.





  • Since only unbound is reporting this, and it stops when I disable traffic shaping, I had to assume that it's just that unbound (understandably) does not play well when connections are dropped with LAN clients, and I found it strange that DNS traffic on LAN is shaped by default!



  • Another thought: DNS requests fall into a queue that is not prioritized?



  • That's exactly my question, how can I do that?



  • Instead of what I do here:
    [image: 1d6c8c0b-5f5b-427a-9bd2-3b87a90038de-image.png]

    Intercepting ICMP (IPv4 and IPv6) so that it goes out before limiter rules kick in (lower rules), you should focus on UDP and TCP, destination port 53.

