Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ntopng-5.6.d20230216,1 / 0.8.13_10 on 23.05 - unbound recursion times get worse over time

    Scheduled Pinned Locked Moved
    Traffic Monitoring
    1
    1
    213
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      joedan
      last edited by joedan

      I am running 23.05 with the above mentioned ntopng package.

      I have WAN / LAN IGC nics running at 1Gb and some Wireguard interfaces.

      This is running on an 8 core i5-8365U with 16GB ram. AES-NI CPU and IPsec-MB are enabled for Wireguard.

      ntopng is always configured to monitor LAN only and perform no DNS lookups in the settings.

      After starting ntopng it takes less than 10 minutes for unbound to become slower and slower eventually DNS response times take seconds. Restarting unbound solves it for another few minutes. Eventually I stop ntopng, restart unbound and everything instantly goes back to normal with average recursion into 45-65ms mark for DNS over TLS.

      I use grafana and the query rate doesn't really change from 2-5 queries per second, just the latency creeps in.

      92a0bd53-402f-4c83-a3c9-a5ea8974b9ee-image.png

      I have tried a number of things and nothing seems to work.

      Disable hardware checksum offload on/off
      DNS over TLS to Cloudflare (ipv4/ipv6)
      DNS over TLS to Google (ipv4/ipv6)
      Default unbound resolving to roots

      Removed all packages except PFBlockerNG.

      Confirmed igc5 (LAN) was not running in promisc mode before installation of ntopng - in case I was conflicting with other packages.

      Are there are any system commands or actions I can take to start troubleshooting this further? This would be appreciated. Any of the unbound stats being sent to Grafana don't really show anything special apart from the increased recursion times.

      I used to run ntopng just fine on 22.05, 23.01 is where I had DNS over TLS issues and removed ntopng as part of that troubleshooting exercise. Now on 23.05 and keen to get ntopng back on.

      Note ntopng and other tasks run fine, just DNS appears to be affected. iperf tests on the LAN give me close to line speed.

      1 Reply Last reply Reply Quote 1
      • First post
        Last post