Project

General

Profile

Download (4.54 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
	unbound.inc
5
	part of the pfSense project (http://www.pfsense.com)
6
	Copyright (C) 2011	Warren Baker
7
	All rights reserved.
8

    
9
	Redistribution and use in source and binary forms, with or without
10
	modification, are permitted provided that the following conditions are met:
11

    
12
	1. Redistributions of source code must retain the above copyright notice,
13
	   this list of conditions and the following disclaimer.
14

    
15
	2. Redistributions in binary form must reproduce the above copyright
16
	   notice, this list of conditions and the following disclaimer in the
17
	   documentation and/or other materials provided with the distribution.
18

    
19
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28
	POSSIBILITY OF SUCH DAMAGE.
29
*/
30

    
31
/*
32
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/unbound /usr/local/sbin/unbound-anchor
33
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/unbound-checkconf /usr/local/sbin/unbound-control
34
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/unbound-control-setup /usr/local/sbin/unbound-host 
35
*/
36

    
37

    
38
function unbound_add_domain_overrides($pvt=false) {
39
	global $config;
40

    
41
	$domains = $config['unbound']['domainoverrides'];
42

    
43

    
44
	$sorted_domains = msort($domains, "domain");
45
	$result = array();		
46
	foreach($sorted_domains as $domain) {
47
		$domain_key = current($domain);
48
		if(!isset($result[$domain_key])) {
49
			$result[$domain_key] = array();
50
		}
51
		$result[$domain_key][] = $domain['ip'];
52
	}
53

    
54
	// Domain overrides that have multiple entries need multiple stub-addr: added
55
	$domain_entries = "";
56
	foreach($result as $domain=>$ips) {
57
		if($pvt == true) {
58
			$domain_entries .= "private-domain: \"$domain\"\n";
59
			$domain_entries .= "domain-insecure: \"$domain\"\n";
60
		} else {
61
			$domain_entries .= "stub-zone:\n";
62
			$domain_entries .= "\tname: \"$domain\"\n";
63
			foreach($ips as $ip) {
64
				$domain_entries .= "\tstub-addr: $ip\n";
65
			}
66
			$domain_entries .= "\tstub-prime: no\n";
67
		}
68
	}
69
	return $domain_entries;
70
}
71

    
72

    
73
function unbound_optimization() {
74
	global $config;
75

    
76
	$optimization_settings = array();
77
	
78
	/* Set the number of threads equal to number of CPUs.
79
	 * Use 1 to disable threading, if for some reason this sysctl fails.
80
	 */
81
	$numprocs = intval(trim(`/sbin/sysctl kern.smp.cpus | /usr/bin/cut -d" " -f2`));
82
	if($numprocs > 0)
83
		$optimization['number_threads'] = "num-threads: {$numprocs}";
84
	else
85
		$optimization['number_threads'] = "num-threads: 1";
86
	
87
	// Slabs to help reduce lock contention.
88
	if ($numprocs > 4) {
89
		$optimization['msg_cache_slabs'] = "msg-cache-slabs: {$numprocs}";
90
		$optimization['rrset_cache_slabs'] = "rrset-cache-slabs: {$numprocs}";
91
		$optimization['infra_cache_slabs'] = "infra-cache-slabs: {$numprocs}";
92
		$optimization['key_cache_slabs'] = "key-cache-slabs: {$numprocs}";
93
	} else {
94
		$optimization['msg_cache_slabs'] = "msg-cache-slabs: 4";
95
		$optimization['rrset_cache_slabs'] = "rrset-cache-slabs: 4";
96
		$optimization['infra_cache_slabs'] = "infra-cache-slabs: 4";
97
		$optimization['key_cache_slabs'] = "key-cache-slabs: 4";
98
	}
99
	
100
	// Memory usage default of 4Mb
101
	$optimization['msg_cache_size'] = "msg-cache-size: 4m";
102
	$optimization['rrset_cache_size'] = "rrset-cache-size: 8m";
103

    
104
	// More outgoing connections per thread otherwise assign a default of 4096 for a single thread
105
	if($numprocs > 0) {
106
		$or = (1024/$numprocs) - 50;
107
		$optimization['outgoing_range'] = "outgoing-range: {$or}";
108
	} else {
109
		$optimization['outgoing_range'] = "outgoing-range: {4096}";
110
	}
111

    
112
	// Larger socket buffer for busy servers
113
	// Check that it is set to 4MB (by default the OS has it configured to 4MB)
114
	foreach ($config['sysctl']['item'] as $tunable) {
115
		if ($tunable['tunable'] == 'kern.ipc.maxsockbuf') {
116
			$so = floor(($tunable['value']/1024/1024)-1);
117
			// Check to ensure that the number is not a negative
118
			if ($so > 0)
119
				$optimization['so_rcvbuf'] = "so-rcvbuf: {$so}m";
120
			else
121
				unset($optimization['so_rcvbuf']);
122
		}
123
	}
124
	// Safety check in case kern.ipc.maxsockbuf is deleted.
125
	if(!isset($optimization['so_rcvbuf']))
126
		$optimization['so_rcvbuf'] = "#so-rcvbuf: 4m";
127

    
128
	return $optimization;
129
}
130

    
131

    
132
?>
(48-48/62)