Keep DNS Resolver running when interface goes down
-
I use a Netgate 6100 to provide high availability with 2 internet service providers. My PC is directly connected to the device. When I start my PC, it takes a few minutes for the DNS Resolver to start responding to requests.
There must be a way to keep the DNS Resolver from shutting down when my PC is off. I'd rather not spend more money on another switch just to keep the interface up. -
@d1novak unbound isn't turning off, it's just not bound to that interface/IP any more - how could it be when it's not there.. So when it comes back, yes, unbound would have to restart to bind to that interface again.
If that takes more than a few seconds, you're prob running into the same sort of issue as this thread.
So I have unbound tied to one of my interfaces that goes to a test switch.. if I pull the cable on it, so it's off, when I plug it back in it takes unbound only a few seconds to restart and be listening on that interface again..
-
@johnpoz Thank you for the clarification.
I do run a lot of DNSBL in pfBlocker.
I teach classes on Zoom, so I created a workaround with a PowerShell startup script that changes DNS to 8.8.8.8 for the first 5 min, then back to the resolver. This way, if my machine reboots in the middle of a Zoom call, I can quickly get back in.
Thanks again -
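A sketch of the workaround described in the post above, as an added example that is not the poster's actual script. It goes slightly further than a fixed 5-minute delay: it polls the pfSense resolver and switches back as soon as it answers, with 5 minutes as the upper bound. The resolver address `192.168.1.1` and the probe name `example.com` are assumptions, and it assumes the PC normally gets its DNS server from DHCP. Run it elevated.

```powershell
# Added example; the resolver address and probe name below are assumptions.
$ResolverIp  = '192.168.1.1'   # placeholder: LAN address of the pfSense DNS Resolver
$FallbackDns = '8.8.8.8'       # temporary public resolver named in the post
$ProbeName   = 'example.com'   # any name the resolver should be able to answer
$MaxWait     = New-TimeSpan -Minutes 5

# Pick the connected adapter that carries the IPv4 default route.
$cfg = Get-NetIPConfiguration |
    Where-Object { $_.IPv4DefaultGateway -and $_.NetAdapter.Status -eq 'Up' } |
    Select-Object -First 1
if (-not $cfg) { throw 'No connected adapter with a default gateway found.' }
$ifIndex = $cfg.InterfaceIndex

# Point the adapter at the fallback resolver while unbound is still starting.
Set-DnsClientServerAddress -InterfaceIndex $ifIndex -ServerAddresses $FallbackDns

try {
    $deadline = (Get-Date) + $MaxWait
    while ((Get-Date) -lt $deadline) {
        try {
            # Ask the local resolver directly; an exception means it is not answering yet.
            Resolve-DnsName -Name $ProbeName -Server $ResolverIp -DnsOnly `
                -QuickTimeout -ErrorAction Stop | Out-Null
            break
        } catch {
            Start-Sleep -Seconds 5
        }
    }
} finally {
    # Always return to the DHCP-supplied DNS server, even on error or timeout.
    Set-DnsClientServerAddress -InterfaceIndex $ifIndex -ResetServerAddresses
}
```

While the fallback resolver is in use, lookups bypass the DNSBL filtering on the firewall, so keeping that window as short as the resolver allows is the reason for polling instead of sleeping the full 5 minutes.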
@d1novak said in Keep DNS Resolver running when interface goes down:
I do run a lot of DNSBL in pfBlocker.
Do the test :
If the actual unbound stop and start takes more than 'several seconds', then you have a choice to make :
Go for a big "Intel Iron", with loads of memory, SSD all over the place,
Or
Lower the number of total DNSBL entries.
When the DNSBL files are refreshed/reloaded, they are all placed in one big file, sorted out, doubles removed, and formatted so the python module can actually use them.
This is done using PHP web script language, not a great language to do huge file handling tasks.
Throwing hundreds of thousands of DNSBL lines at it, that's fine. But millions ? That's a no-go, as it leaves your system for a very noticeable moment without DNS. Added to all this, the PHP process is memory bound. It can't use all the system memory that is available, there is an 'upper floor'.
Example : These :
Take a second or two to get sorted, and unbound restarts in a second or so.
I'm using a
When I add more feeds, bringing the total of DNSBL entries over a couple of million, my system becomes what I qualify as unusable / not stable.