[Dnsmasq-discuss] Slow DNSMasq with > 100, 000 entries in additional addresses file
TheWerthFam
thewerthfam at gmail.com
Tue Dec 27 02:51:23 GMT 2016
Yousong,
Do you know what version this was patched against?
Thanks
On 12/26/2016 09:17 PM, Yousong Zhou wrote:
> On 27 December 2016 at 08:39, TheWerthFam <thewerthfam at gmail.com> wrote:
>> Using DNSMasq 2.76 on the Openwrt platform with a raspberry pi 3 like device
>> for home networking 1GB RAM, dual core 1 GHZ processor). Additionally I'm
>> using the the adblock set of scripts found @
>> (https://github.com/openwrt/packages/tree/master/net/adblock/files) to block
>> malware and porn sites. The porn sites list is about 800,000 entries, about
>> 10x the number of sites adblock normally uses. With the full list of
>> malware and porn domains loaded,
>> dnsmasq takes 115M of memory and normally sits around 50% CPU usage with
>> moderate browsing usage. CPU and RAM usage isn't really a problem other
>> than lookups are slow now. Platform is cc 15.05.1 r49389.
>>
>> The adblock script takes downloads different lists, creates a file for each
>> list in the format:
>> local=/40def14.codns.com/
>> local=/944413269.3322.org
>> local=/domainnottogoto.com/
>>
>> ...
>> With one entry per line. The goal is to return NXDOMAIN when the local
>> clients use the dnsmasq as the its primary dns server. Lists are sorted and
>> with unique entries, so duplicates are limited.
>>
>> In an effort to address the performance issues I've tried increasing the
>> dnsmasq cachesize to 10,000 but that made no change in performance. Also
>> tried neg-ttl=3600 with default negative caching enabled with no change -
>> thinking that if dnsmasq would cache the no response queries performance
>> would go up. This didn't have any noticeable improvement in performance.
>>
>> Are there dnsmasq setting that will improve the performance? or should it
>> be configured differently to achieve this goal?
>> Perhaps unbound would be better suited?
>>
>> Cheers
>> Derek
> There was a patch posted in 2015 trying to optimise this. It's worth a try.
>
> [1] [PATCH v2] Optimize ipset/server/local/address/rebind-domain-ok
> performance, http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q1/009257.html
>
> yousong
>
>>
>> _______________________________________________
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss at lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>>
More information about the Dnsmasq-discuss
mailing list