Hello! I have no direct answer to all your questions. But you may check Cloudflare's experience with Unbound here: https://indico.dns-oarc.net/event/31/contributions/687/attachments/663/1106/Ultimate_Stub-resolver.pdf
We had multiple generations of our deployment and all of them documented here. I hope it helps On Mon, Jun 24, 2019 at 9:46 AM Gabriel Marais via Unbound-users < unbound-users@nlnetlabs.nl> wrote: > Good morning, > > I was wondering if there is anyone that would offer their > comments/tips/experience with deploying Unbound on a large(ish) scale. > > We are looking at moving away from dnsmasq to something more > "structured" in order to achieve the following :- > > 1. Service around 20 000 devices with DNS Caching services > 2. Have a more structured deployment: having a few dns edges caches > linked to master caches which will be using Root servers for lookups > 3. DNS Stats - which we currently do not have on dnsmasq > > > We are planning to have a few edge caches & masters running in a > containerized environment (Ubuntu with LXD) behind a load balancer to > provide the service. > > > My questions are:- > > 1. How many edge caches & masters would be required to service around 20 > 000 devices? > 2. Which Distro are you using? Are there any advantages using something > like freeBSD over Ubuntu? > 3. Is it advisable to have the standard out-the-box implementation of > Unbound and deploy more containers in order to meet the desired 20 000 > devices or is it advised to change the configs/kernel parameters in > order to make available more sockets and less containers? > > > Regards > > Gabriel > -- *Pavel Odintsov* | DNS engineer pa...@cloudflare.com <https://www.cloudflare.com/> 1 888 99 FLARE | www.cloudflare.com