[Dnsmasq-discuss] dnsmasq using 100% cpu on router

Simon Kelley simon at thekelleys.org.uk
Thu Apr 24 11:41:36 UTC 2014 

On 22/04/14 20:04, David Joslin wrote:
> Hi
> 
> I have an Asus rt-n16 router running the Shibby version of the Tomato
> firmware which includes dnsmasq version 2.69test3. It's in use in a
> building that frequently has 50+ users on a wireless network and dnsmasq
> has performed extremely well with very little load on the router.
> 
> However, we've recently run a couple of conferences in the building and the
> number of people using the wireless network has been just over 100. Several
> times there have been problems resolving addresses and when I've looked at
> the router dnsmasq has been using 100% cpu. Restarting dnsmasq temporarily
> fixes the problem but it occurs again maybe 20 minutes later.
> 
> I've turned off logging, increased the cache-size and the maximum number of
> dhcp leases (anything I could see that might be a problem with more users)
> but this hasn't fixed the problem.
> 
> I wondered if anyone has come across anything similar or has any
> suggestions?
> 

The first thing is to try and decide which of two possible scenarios ar
happening. The first is that you've triggered a bug in the code and
dnsmasq is looping somewhere without ever getting back to the select()
loop and doing actual work. The second is that it's getting so much work
that it's running out of CPU to do it.

In the first case, dnsmasq will stop working entirely. Is that
consistent with  "problems resolving addresses" or does it still
partially work? Turning off logging is probably counter-productive here,
the logs may have valuable clues.


In the second case, DNSSEC is something to worry about. Do you have that
turned on?

Also, it's possible to arrive at configurations with DNS forwarding
loops where once DNS query gets sent upstream, but somehow ends up back
at the dnsmasq instance that originally forwarded it and then goes round
in circles. It's quite difficult to do this without at least two dnsmasq
instances, but it is possible.

Finally, logging to a syslog daemon which does its own DNS lookups (to
label logs from remote hosts) can create a collapse: dnsmasq will log
several lines for each DNS query, if each of those lines generates a new
DNS query which has to handled by dnsmasq, it all goes wrong very quickly.


Cheers,


Simon.

More information about the Dnsmasq-discuss mailing list