Differences

This shows you the differences between two versions of the page.

--- pfsense:dns:troubleshooting:slow_dns_response [2021/01/31 17:22] – peter
+++ pfsense:dns:troubleshooting:slow_dns_response [2021/02/01 09:24] (current) – peter
@@ Line 1: / Line 1: @@
 ====== PFSense - DNS - Troubleshooting - Slow DNS Response ======
+Various things to check.
+<WRAP info>
+**CONCLUSION:**  Unbound restarts each time a DHCP lease gets initiated or renewed.
+Ideally, Unbound should not restart but simply needs to refresh.  Unbound needs to be fixed.
+If pfBlockerNG is being used, this could mean upwards of 60 seconds of downtime whilst it reloads any blocklists.
+</WRAP>
 ----
@@ Line 8: / Line 19: @@
   * Firewall Maximum Table Entries:  2000000
+<WRAP info>
+**NOTE:**  If this figure is too low, it will result in slowness.
+The higher this value, the more memory it will use, so be careful setting this too high on systems with low memory.
+</WRAP>
 ----
@@ Line 106: / Line 124: @@
 <code bash>
-total.num.queries=1297
+total.num.queries=11060
 total.num.queries_ip_ratelimited=0
-total.num.cachehits=1026
+total.num.cachehits=10669
-total.num.cachemiss=271
+total.num.cachemiss=391
-total.num.prefetch=96
+total.num.prefetch=342
-total.num.expired=88
+total.num.expired=295
-total.num.recursivereplies=271
+total.num.recursivereplies=438
-msg.cache.count=1552
+msg.cache.count=2073
-rrset.cache.count=3277
+rrset.cache.count=4222
-infra.cache.count=3255
+infra.cache.count=6734
-key.cache.count=132
+key.cache.count=174
 </code>
@@ Line 173: / Line 191: @@
   * For every DHCP entry, you could set and maintain, at the bottom of the page, the **DHCP Static Mappings for this Interface**.
   * On the **Status -> DHCP Leases** page you can also choose what lease you want to add as a Static lease.
+Other options to try:
+  * Reduce the number of pfBlockerNG blocks.
+  * This should speed up the restart of Unbound.
 </WRAP>