[Dnsmasq-discuss] Slow DNSMasq with > 100, 000 entries in additional addresses file
Yousong Zhou
yszhou4tech at gmail.com
Tue Dec 27 02:17:34 GMT 2016
On 27 December 2016 at 08:39, TheWerthFam <thewerthfam at gmail.com> wrote:
> Using DNSMasq 2.76 on the Openwrt platform with a raspberry pi 3 like device
> for home networking 1GB RAM, dual core 1 GHZ processor). Additionally I'm
> using the the adblock set of scripts found @
> (https://github.com/openwrt/packages/tree/master/net/adblock/files) to block
> malware and porn sites. The porn sites list is about 800,000 entries, about
> 10x the number of sites adblock normally uses. With the full list of
> malware and porn domains loaded,
> dnsmasq takes 115M of memory and normally sits around 50% CPU usage with
> moderate browsing usage. CPU and RAM usage isn't really a problem other
> than lookups are slow now. Platform is cc 15.05.1 r49389.
>
> The adblock script takes downloads different lists, creates a file for each
> list in the format:
> local=/40def14.codns.com/
> local=/944413269.3322.org
> local=/domainnottogoto.com/
>
> ...
> With one entry per line. The goal is to return NXDOMAIN when the local
> clients use the dnsmasq as the its primary dns server. Lists are sorted and
> with unique entries, so duplicates are limited.
>
> In an effort to address the performance issues I've tried increasing the
> dnsmasq cachesize to 10,000 but that made no change in performance. Also
> tried neg-ttl=3600 with default negative caching enabled with no change -
> thinking that if dnsmasq would cache the no response queries performance
> would go up. This didn't have any noticeable improvement in performance.
>
> Are there dnsmasq setting that will improve the performance? or should it
> be configured differently to achieve this goal?
> Perhaps unbound would be better suited?
>
> Cheers
> Derek
There was a patch posted in 2015 trying to optimise this. It's worth a try.
[1] [PATCH v2] Optimize ipset/server/local/address/rebind-domain-ok
performance, http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q1/009257.html
yousong
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list