[OpenWrt-Devel] Slow DNSMasq with > 100,000 entries in additional addresses file

TheWerthFam thewerthfam at gmail.com
Mon Dec 26 12:32:08 EST 2016

Using the adblock set of scripts to block malware and porn sites. The 
porn sites list is 800,000 entries, about 10x the number of sites 
adblock normally uses.  With the full list of malware and porn domains 
loaded, dnsmasq takes 115M of memory and normally sits around 50% CPU 
usage with moderate browsing usage.  CPU and RAM usage isn't really a 
problem other than lookups are slow now. Platform is cc 15.05.1 r49389 
on banana pi r1.

The adblock script takes the different lists and creates files in 
/tmp/dnsmasq.d/ with entries looking like

    local=/domainnottogoto.com/

one entry per line.  The goal is to return NXDOMAIN to entries in the 
lists. Lists are sorted and with unique entries.

I've tried increasing the cachesize to 10,000 but that made no change.  
Tried neg-ttl=3600 with default negative caching enabled with no change.

Are there dnsmasq settings that will improve the performance?  Or should 
it be configured differently to achieve this goal?
Perhaps unbound would be better suited?
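
The list-building step described in the message, as an added example that is not part of the original post or of the adblock scripts: it turns raw domain lists into sorted, unique local=/domain/ lines and rejects any line that is not a plain hostname, so downloaded list content cannot change the directive. It goes beyond the post by dropping subdomains whose parent is already listed, which can shrink the file because dnsmasq applies a local=/domain/ entry to that domain and everything under it. build_local_entries is a hypothetical name and the sample domains are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. build_local_entries is a
# hypothetical helper name; the sample domains below are constructed.

# stdin:  raw blocklist, one domain per line (may hold comments, CRs, dupes)
# stdout: sorted, unique dnsmasq "local=/domain/" lines
build_local_entries() {
    tr 'A-Z' 'a-z' |
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e 's/\.$//' |
    awk '
        # Accept only plain hostnames. Anything holding "/", "=" or other
        # characters is dropped so list content cannot alter the directive.
        /^[a-z0-9_-]+(\.[a-z0-9_-]+)+$/ { seen[$0] = 1 }
        END {
            for (d in seen) {
                # Walk up the parent domains; skip d if a parent is listed,
                # since the parent entry already covers it.
                p = d; covered = 0
                while ((i = index(p, ".")) > 0) {
                    p = substr(p, i + 1)
                    if (p in seen) { covered = 1; break }
                }
                if (!covered) print "local=/" d "/"
            }
        }' |
    LC_ALL=C sort
}

# Constructed sample input.
build_local_entries <<'EOF'
# constructed sample list
Ads.Example.com
example.com
tracker.example.net.
example.com
bad entry/with=junk
EOF
```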
