Netgate Discussion Forum

    Slow DNS Resolutions, actually slow everything

      jfowles

      Hey all,
      I am having an issue that I can't quite pin down. I have an SG-3100 with unbound, suricata, and pfblocker running. Everything was running fine until lately. Now DNS resolutions (when they work) take forever, 1000ms+, and even connecting to any local host via IP, pfsense included, takes 3-5 minutes of resolving host. It seems to work for a few minutes after a reboot, but then dies out again.
      I've tried stopping pfblocker and suricata individually to see if that was the issue, but there was no change.
      I have not noticed anything in the logs other than timeouts for DNS, but I might be looking at the wrong logs.
      The most recent change I added was to VLAN out my network and add dynamic DNS, although it seemed to work fine for a couple of days before this issue.

      Other info:
      Using localhost, 1.1.1.1, 1.0.0.1, forwarder disabled, and DNSSEC in unbound.
      DHCP registers hosts correctly, but even internal hosts are slow to resolve, or time out.
      Other VLANs are only allowed to talk to pfsense for DNS resolutions and internet. No other interVLAN communication.

        jfowles

        Also, if I disable unbound, everything works fine. With unbound on I have 100% CPU utilization all the time.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.