Sudden High Memory Usage and DNS issues With New ISP
-
When Disabling TLD Wildcard , Clients can successfully resolve websites and access pages but , I loose many of the subdomain blocking that worked before
Cron tasks also finish with any 'non responding' , with TLD disabled
Problem is many sites are not blocked without TLD
-
I have exactly the same issue too. With pfBlocker disabled, Unbound will run at 100MB ram ish, with it enabled, it eventually ends up at 2.5GB then crashes.
-
@both :
Using pfBlockerNG-devel 3.1.0 , right ?edit : if these posts were posted where they belong, you would have found the very first post on that forum that says :
"pfBlockerNG-devel v3.1.0_0 is out".
Reading that post would also explain why : see here.
-
@gertjan Yeah I'm using 3.1.0, I've followed the instructions on the page too but I'm still having an issue. Soon after enabling pfBlocker DNSBL, Unbound memory usage goes off the chart, then crashes. Fine with DNSBL disabled, RAM usage stays around 50MB
-
DNSBL :
unbound mode ?
python mode ?I'm using python mode myself for the last 6 months or so.
Rock solid.
Check out the conditions.
-
I found a workaround , I simply unchecked the Shalla List and UT1 Lists , instead I tried different DNSBL providers . Now RAM/CPU usage is back to 5-10%
THis does not explain the problem in the first place though . It seems the UT1/Shallalist is too big with TLD enabled I guess.
-
@90ninety said in Sudden High Memory Usage and DNS issues With New ISP:
Shalla List and UT1 Lists
You selected all the option ??
I'm using 'just' two of them :
are about 30000 DNSBL entries. That "30k" domain names.
-
@gertjan I'm still stuck with the same issue, I re-enabled DNSBL with Python mode, disabled UTL and Shallalist, enabled one Category with 10k domains and TLD disabled.
Sure enough, unbound Mem usage shot up to 400Mb immediately then roughly an hour later...
-
Humm, can't really tell what your pfSense is doing.
Look here :
Disable all pfBLockerNG, and test some days.
Then activate pfBBlokcerNG, with, for example, only IP lists.
Then add just one DNSBL, and test again for a couple of days.Keep looking at the monitoring.
-
@gertjan thanks for the heads up! I left everything running for a week with python mode enabled in Unbound, pfBlocker IP enabled and DNSBL disabled… ran like a charm.
Enabled DNSBL last night with one Feed with 10k ish domains, so a pretty small list. Here’s the memory usage, staying consistent until I flipped the switch, within an hour unbound crashed with no obvious log.
