Unbound is slow at loading (big) auth/rpz -zones at startup

[pettai]

Describe the bug Unbound is slow at loading (big) auth/rpz -zones at startup (compared to bind9, with the same zones)

To reproduce Steps to reproduce the behavior:

# time systemctl restart bind9
real    0m20.220s
user    0m0.004s
sys 0m0.010s

# time systemctl restart unbound
real    1m32.820s
user    0m0.010s
sys 0m0.004s

Expected behavior Optimizing unbounds loading of the auth/rpz zone(s) would be beneficial

Both fetching (transfer) and loading the auth-/rpz-zones into unbound is done as a giant serial operation. By at least making them as two independent tasks could speedup (re)starting of unbound a lot. And parallelization of both those tasks would also be beneficial...

System:

• Unbound version: 1.19.0
• OS: Ubuntu 22.04
• unbound -V output:

  
  Version 1.19.0

Configure line: --build=x86_64-linux-gnu --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=${prefix}/lib/x86_64-linux-gnu --libexecdir=${prefix}/lib/x86_64-linux-gnu --disable-maintainer-mode --disable-dependency-tracking --disable-rpath --with-pidfile=/run/unbound.pid --with-rootkey-file=/var/lib/unbound/root.key --with-libevent --with-libhiredis --with-libnghttp2 --with-pythonmodule --enable-cachedb --enable-subnet --enable-dnstap --enable-systemd --with-chroot-dir= --with-dnstap-socket-path=/run/dnstap.sock --libdir=/usr/lib Linked libs: libevent 2.1.12-stable (it uses epoll), OpenSSL 3.0.2 15 Mar 2022 Linked modules: dns64 python cachedb subnetcache respip validator iterator

[CRCinAU]

I found this too when looking at moving my RPZ zone from bind -> unbound.

In bind, you can at least compile the text format zone file to raw and it loads MUCH faster again.

[pettai]

nsd just got simdzone implemented, perhaps this could be implemented for unbound to parse auth zones too