Using dnsmasq 2.76 on the OpenWrt platform with a Raspberry Pi 3-like device
for home networking (1GB RAM, dual core 1 GHz processor).  Additionally I'm
using the adblock set of scripts found at
https://github.com/openwrt/packages/tree/master/net/adblock/files to block
malware and porn sites. The porn sites list is about 800,000 entries, about 10x
the number of sites adblock normally uses.  With the full list of malware and
porn domains loaded, dnsmasq takes 115M of memory and normally sits around
50% CPU usage with moderate browsing usage.  CPU and RAM usage isn't really a
problem other than lookups are slow now. Platform is CC 15.05.1 r49389.

The adblock script downloads different lists and creates a file for each
list in the format:

    local=/40def14.codns.com/
    local=/944413269.3322.org/
    local=/domainnottogoto.com/
    ...

With one entry per line.  The goal is to return NXDOMAIN when the local
clients use dnsmasq as their primary DNS server. Lists are sorted and
with unique entries, so duplicates are limited.

In an effort to address the performance issues I've tried increasing the 
dnsmasq cachesize to 10,000 but that made no change in performance. Also tried 
neg-ttl=3600 with default negative caching enabled with no change - thinking 
that if dnsmasq would cache the no response queries performance would go up.  
This didn't have any noticeable improvement in performance.

Are there dnsmasq settings that will improve the performance?  Or should it
be configured differently to achieve this goal?
Perhaps unbound would be better suited?

Cheers
    Derek
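
dnsmasq applies a local=/domain/ entry to that domain and to every name below it, so entries for subdomains of an already listed domain lengthen the list without blocking anything new. The following is an added example, not part of the original post or of the adblock scripts: a Python sketch with hypothetical function names and constructed sample lines that prunes such covered entries before the list is handed to dnsmasq.

```python
def parse_local_lines(lines):
    """Yield lower-cased domains from 'local=/domain/' lines; skip anything else."""
    for line in lines:
        line = line.strip()
        if not line.startswith("local=/"):
            continue  # comments, blanks, other dnsmasq options
        domain = line[len("local=/"):].strip("/").rstrip(".").lower()
        if domain:
            yield domain


def prune_covered(domains):
    """Drop every domain that sits below another listed domain.

    Matching is done on whole labels, so 'notexample.com' is NOT treated
    as covered by 'example.com'.
    """
    kept = set()
    # Fewer dots first: a parent is always processed before its children.
    for domain in sorted(set(domains), key=lambda d: d.count(".")):
        labels = domain.split(".")
        parents = (".".join(labels[i:]) for i in range(1, len(labels)))
        if any(parent in kept for parent in parents):
            continue  # an ancestor is already blocked, entry is redundant
        kept.add(domain)
    return sorted(kept)


def render(domains):
    """Emit one dnsmasq 'local=/domain/' line per remaining domain."""
    return [f"local=/{d}/" for d in domains]


# Constructed sample input in the format quoted in the post.
SAMPLE = [
    "local=/40def14.codns.com/",
    "local=/944413269.3322.org",            # trailing slash missing
    "local=/domainnottogoto.com/",
    "local=/ads.domainnottogoto.com/",      # covered by the parent entry
    "local=/a.b.domainnottogoto.com/",      # covered two levels down
    "local=/DomainNotToGoTo.com/",          # case-only duplicate
    "local=/notdomainnottogoto.com/",       # look-alike, must be kept
    "# comment line from a downloaded list",
]

if __name__ == "__main__":
    print("\n".join(render(prune_covered(parse_local_lines(SAMPLE)))))
```

How much this shrinks a real 800,000-entry list depends on how many of its entries are subdomains of other entries.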

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
