    Keep DNS Resolver running when interface goes down

    • d1novak

      I use a netgate 6100 to provide high availability with 2 internet service providers. My PC is directly connected to the device. When I start my PC, it takes a few minutes for the DNS Resolver to start responding to requests.
      There must be a way to keep the DNS Resolver from shutting down when my PC is off. I'd rather not spend more money on another switch just to keep the interface up.

      • johnpoz LAYER 8 Global Moderator @d1novak

        @d1novak unbound isn't turning off, it's just not bound to that interface/IP any more - how could it be when it's not there.. So when it comes back, yes unbound would have to restart to bind to that interface again.

        If that takes more than a few seconds, you're prob running into the same sort of issue as this thread.

        https://forum.netgate.com/topic/186329/after-updating-host-override-resolver-takes-over-2-minutes-to-come-back-online

        So I have unbound tied to one of my interfaces that goes to a test switch.. if I pull the cable on it, so it's off, when I plug it back in it takes unbound only a few seconds to restart and be listening on that interface again..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        • d1novak @johnpoz

          @johnpoz Thank you for the clarification.
          I do run a lot of DNSBL in pfBlocker.
          I teach classes on Zoom so I created a workaround with a PowerShell startup script that changes DNS to 8.8.8.8 for the first 5 min, then back to the resolver. This way if my machine reboots in the middle of a Zoom call, I can quickly get back in.
          Thanks again

          • Gertjan @d1novak

            @d1novak said in Keep DNS Resolver running when interface goes down:

            I do run a lot of DNSBL in pfBlocker.

            Do the test :

            9c22a1a9-63f7-4f6e-8e2b-d4b0e75a2ae1-image.png

            If the actual unbound stop and start takes more than 'several seconds', then you have a choice to make :
            Go for a big "Intel Iron", with loads of memory, SSD all over the place,
            Or
            Lower the number of total DNSBL entries.

            When the DNSBL files are refreshed/reloaded, they are all placed in one big file, sorted out, doubles removed, and formatted so the python module can actually use them.
            This is done using PHP web script language, not a great language to do huge file handling tasks.
            Throwing hundreds of thousands of DNSBL lines at it, that's fine. But millions ? That's a no-go as it leaves your system for a very noticeable moment without DNS. Added to all this, the PHP process is memory bound. It can't use all the system memory that is available, there is an 'upper floor'.

            Example : These :
            Take a second or two to get sorted, and unbound restarts in a second or so.
            I'm using a
            1941ca36-4eaf-407d-afc6-cf77d811c597-image.png

            When I add more feeds, bringing the total of DNSBL entries over a couple of million, my system becomes what I qualify as unusable / not stable.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??
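
A variant of the startup workaround d1novak describes, as an added example that is not code from the thread: instead of holding 8.8.8.8 for a fixed five minutes, it polls the resolver and switches back as soon as unbound answers, which shortens the time the PC bypasses the DNSBL filtering. The interface alias, resolver address and probe name are assumptions to adjust for your network.

```powershell
# Added example, not d1novak's script. Run elevated, e.g. as a startup scheduled task.
$InterfaceAlias = 'Ethernet'      # assumption: NIC connected to the firewall
$ResolverIp     = '192.168.1.1'   # assumption: LAN address of the pfSense DNS Resolver
$FallbackDns    = '8.8.8.8'       # fallback used in the thread
$ProbeName      = 'netgate.com'   # assumption: any name the resolver should answer
$MaxWaitSeconds = 300             # the thread's 5 minutes, kept as an upper bound
$PollSeconds    = 5

function Test-Resolver {
    param([string]$Server, [string]$Name)
    try {
        # Query the given server directly; skip LLMNR/NetBIOS and the hosts file.
        $null = Resolve-DnsName -Name $Name -Server $Server -Type A `
            -DnsOnly -NoHostsFile -QuickTimeout -ErrorAction Stop
        return $true
    } catch {
        return $false   # timeout, refusal or SERVFAIL while unbound restarts
    }
}

# If unbound is already listening, there is nothing to work around.
if (Test-Resolver -Server $ResolverIp -Name $ProbeName) {
    Write-Output 'Resolver already answering; DNS settings left unchanged.'
    return
}

Set-DnsClientServerAddress -InterfaceAlias $InterfaceAlias -ServerAddresses $FallbackDns
$timer = [System.Diagnostics.Stopwatch]::StartNew()
$ready = $false
try {
    while ($timer.Elapsed.TotalSeconds -lt $MaxWaitSeconds) {
        if (Test-Resolver -Server $ResolverIp -Name $ProbeName) { $ready = $true; break }
        Start-Sleep -Seconds $PollSeconds
    }
} finally {
    # Always return to the filtered resolver, even if the script is interrupted.
    Set-DnsClientServerAddress -InterfaceAlias $InterfaceAlias -ServerAddresses $ResolverIp
    Clear-DnsClientCache   # drop answers cached from the unfiltered fallback
}
Write-Output ("Resolver ready: {0}; fallback DNS was active for {1:N0} s." -f `
    $ready, $timer.Elapsed.TotalSeconds)
```

The elapsed time it prints is also a client-side measurement of how long the resolver stays unreachable after the interface comes up.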
