[OpenWrt-Devel] Slow DNSMasq with > 100, 000 entries in additional addresses file
TheWerthFam
thewerthfam at gmail.com
Mon Dec 26 21:54:57 EST 2016
Problem with this method is that it misses lots of HTTPS based sites. I
do already run squid though. Am I wrong that it will not proxy https
sites unless you use MITM type setup?
Thanks
On 12/26/2016 08:47 PM, Lucian Cristian wrote:
> On 26.12.2016 19:32, TheWerthFam wrote:
>> Using the adblock set of scripts to block malware and porn sites. The
>> porn sites list is 800,000 entries, about 10x the number of sites
>> adblock normally uses. With the full list of malware and porn
>> domains loaded, dnsmasq takes 115M of memory and normally sits around
>> 50% CPU usage with moderate browsing usage. CPU and RAM usage isn't
>> really a problem other than lookups are slow now. Platform is cc
>> 15.05.1 r49389 on banana pi r1.
>>
>> The adblock script takes the different lists, creates files in
>> /tmp/dnsmasq.d/ entries looking like
>> local=/domainnottogoto.com/ one entry per line. The goal is to
>> return NXDOMAIN to entries in the lists. Lists are sorted and with
>> unique entries.
>>
>> I've tried increasing the cachesize to 10,000 but that made no
>> change. Tried neg-ttl=3600 with default negative caching enabled
>> with no change.
>>
>> Are there dnsmasq setting that will improve the performance? or
>> should it be configured differently to achieve this goal?
>> Perhaps unbound would be better suited?
>>
>> Cheers
>> Derek
>> _______________________________________________
>> openwrt-devel mailing list
>> openwrt-devel at lists.openwrt.org
>> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>
> use squid and squidguard
>
> regards
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list