- Change default for so-sndbuf to 1m, to mitigate a cross-layer
  issue where the UDP socket send buffers are exhausted waiting
  for ARP/NDP resolution. Thanks to Reflyable for the report.
W.C.A. Wijngaards 2025-05-13 15:04:32 +02:00
parent 9152c914af
commit 03772d10fb
5 changed files with 17 additions and 8 deletions

@ -3,6 +3,11 @@
by adding a log_assert() to safeguard future development.
- Fix #1282: log-destaddr fail on long ipv6 addresses.
13 May 2025: Wouter
- Change default for so-sndbuf to 1m, to mitigate a cross-layer
issue where the UDP socket send buffers are exhausted waiting
for ARP/NDP resolution. Thanks to Reflyable for the report.
12 May 2025: Yorgos
- Merge #1280: Fix auth nsec3 code. Fixes NSEC3 code to not break on
broken auth zones that include unsigned out of zone (above apex)

@ -117,7 +117,7 @@ server:
# buffer size for UDP port 53 outgoing (SO_SNDBUF socket option).
# 0 is system default. Use 4m to handle spikes on very busy servers.
# so-sndbuf: 0
# so-sndbuf: 1m
# use SO_REUSEPORT to distribute queries over threads.
# at extreme load it could be better to turn it off to distribute even.
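
Review bot: The two comment lines above the changed default still read "0 is system default. Use 4m to handle spikes on very busy servers." and give no reason for the new 1m value. A reader of the example config cannot tell that 1m is now the built-in default, or that it exists to leave room for packets waiting on ARP/NDP resolution. Suggest adding a comment line along the lines of "default 1m leaves room for packets queued during ARP/NDP resolution; 0 uses the system value".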

@ -355,11 +355,14 @@ If not 0, then set the SO_SNDBUF socket option to get more buffer space on
UDP port 53 outgoing queries. This for very busy servers handles spikes
in answer traffic, otherwise 'send: resource temporarily unavailable'
can get logged, the buffer overrun is also visible by netstat \-su.
Default is 0 (use system value). Specify the number of bytes to ask
for, try "4m" on a very busy server. The OS caps it at a maximum, on
linux Unbound needs root permission to bypass the limit, or the admin
can use sysctl net.core.wmem_max. On BSD, Solaris changes are similar
to so\-rcvbuf.
Default is 1M. If set to 0 it uses the system value. Specify the number
of bytes to ask for, try "4m" on a very busy server. It needs some space
to be able to deal with packets that wait for local address resolution,
from like ARP and NDP discovery, before they are sent out, hence
it is elevated above the system default by default. The OS caps it at
a maximum, on linux Unbound needs root permission to bypass the limit,
or the admin can use sysctl net.core.wmem_max. On BSD, Solaris changes
are similar to so\-rcvbuf.
.TP
.B so\-reuseport: \fI<yes or no>
If yes, then open dedicated listening sockets for incoming queries for each
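
Review bot: The new text writes the default as "1M" while the same paragraph suggests "4m" and the example config uses "1m"; use one spelling so the value can be copied as shown. The phrase "from like ARP and NDP discovery" would read better as "such as ARP and NDP discovery". Since the default is no longer 0, the sentence about the OS cap now applies to an unconfigured server, so it is worth stating here what happens when the cap is below 1m and that "so-sndbuf: 0" restores the system value.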

@ -473,7 +473,8 @@ create_udp_sock(int family, int socktype, struct sockaddr* addr,
"Got %u. To fix: start with "
"root permissions(linux) or sysctl "
"bigger net.core.wmem_max(linux) or "
"kern.ipc.maxsockbuf(bsd) values.",
"kern.ipc.maxsockbuf(bsd) values. or "
"set so-sndbuf: 0 (use system value).",
(unsigned)snd, (unsigned)got);
}
# ifdef SO_SNDBUFFORCE
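
Review bot: With the default raised in config_create(), this warning in create_udp_sock() can now be reached by an operator who never set so-sndbuf, and the message does not say that the requested size may be the built-in default. Consider saying so in the text, or logging at a lower verbosity when the value was not set explicitly (whether the config tracks that is not visible in this hunk). The added string also reads "values. or set so-sndbuf: 0", with a full stop before a lowercase "or"; "values, or set so-sndbuf: 0 (use system value)." would be cleaner.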

@ -210,7 +210,7 @@ config_create(void)
cfg->if_automatic = 0;
cfg->if_automatic_ports = NULL;
cfg->so_rcvbuf = 0;
cfg->so_sndbuf = 0;
cfg->so_sndbuf = 1024*1024;
cfg->so_reuseport = REUSEPORT_DEFAULT;
cfg->ip_transparent = 0;
cfg->ip_freebind = 0;
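
Review bot: In config_create() the new "cfg->so_sndbuf = 1024*1024;" sits next to "cfg->so_rcvbuf = 0;" with no comment explaining the asymmetry. A short comment that the send buffer is raised so packets waiting for ARP/NDP resolution do not exhaust it, or a named constant for the value, would keep a later cleanup from resetting it to 0.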