Skip to content

Flood of resolve attempts overwhelms unbound on relays

Currently, dozens of relays using unbound as their DNS resolver are getting overwhelmed.

Impact on bandwidth:

2022-03-03     5.60 TiB |    5.54 TiB |   11.14 TiB |    1.13 Gbit/s
2022-03-04     2.07 TiB |    1.99 TiB |    4.06 TiB |  413.33 Mbit/s
2022-03-05     1.84 TiB |    1.76 TiB |    3.60 TiB |  366.05 Mbit/s
2022-03-06     2.01 TiB |    1.93 TiB |    3.94 TiB |  401.17 Mbit/s
2022-03-07     1.84 TiB |    1.76 TiB |    3.60 TiB |  366.05 Mbit/s
2022-03-08     3.43 TiB |    3.35 TiB |    6.78 TiB |  690.27 Mbit/s
2022-03-09     3.91 TiB |    3.87 TiB |    7.78 TiB |    1.09 Gbit/s

Geko notified me on 03/08 as you can see and the day after traffic was back as normal.

Another relay operator is facing similar issues with relays that run unbound:

https://twitter.com/unredacted_org/status/1501458345219215363

We need more information, i'm going to sample some dns requests from time to time to figure out what's causing this. Maybe it's an unbound bug, is there a way to mitigate the issue, we don't know yet. I hope to place some research into this issue.