Adlist memory leak

RouterOS General
1

After reading an article about Adlist feature in DNS, I tried it. I increased the cache size of my back router CCR2004 to 768 Mbytes, and I got eight (8) URLs and started with these. After some days I deleted the URls so I thought that Adlist has stopped.

After about 11 days, my 2004 rebooted (log):

router was rebooted without proper shutdown, probably kernel failure
kernel failure in previous boot
out of memory condition was detected

I realized it after a week (the 2004 rebooted ok)…

I also applied these to a 686 (PC) router with 1 GB cache size (ram = 4 Gbytes like the 2004). The same thing happened! See attached image.

I rebooted 686 and the problem exists. I made an update to 7.81.1, and the problem persists. It’s like a Virus is installed in the O/S…

In the mean time, I also updated 2004 to 7.18, and the problem persists. So it has nothing to do with the platform. Everything was working fine until the Adlist try. In the relevant DNS Adlist page there is no clue if anything is running. I also tried the [pause] feature, nothing changed. I decreased the cache size, the same.

My 2004 is a production router and I don’t want to netinstall.
686-week.png

2

How did you come up with the value 768 Mbytes?

3

Adlist feature needs a lot of ram to run (fills the cache with data). 768 I mean 3/4 of a
Gbyte, it’s an arbitrary number as long there is enough to host the adlist(s).

4

How big are your lists? Currently I’m using three (well known) lists and set cache to 64MB, halve of the cache isn’t used.
And how many users are you providing network?

5

I got these lists:

/ip dns adlist
add ssl-verify=no url=https://big.oisd.nl/
add ssl-verify=no url=https://v.firebog.net/hosts/Prigent-Crypto.txt
add ssl-verify=no url=
https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
add ssl-verify=no url=
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
add ssl-verify=no url=“https://raw.githubusercontent.com/DandelionSprout/adfil\
t/master/Alternate%20versions%20Anti-Malware%20List/AntiMalwareHosts.txt”
add ssl-verify=no url=“https://raw.githubusercontent.com/FadeMind/hosts.extras\
/master/add.Spam/hosts”
add ssl-verify=no url=“https://raw.githubusercontent.com/PolishFiltersTeam/KAD\
hosts/master/KADhosts.txt”
add ssl-verify=no url=“https://raw.githubusercontent.com/mkb2091/blockconvert/\
master/output/domains.txt”

which gave thousands of IPs. About 300+ Mbytes (if I recall correctly). Only 3-4 lists were actually had matched results.

About 20 users plus ~5 VPNs.

6

Sure the out of memeory is caused by AdList?

7

An exact same CCR2004 is my front router and works ok, as the problem router worked before the Adlist activation. The 686 router also started leaking after the Adlist activation, so yes, this is the reason. I didn’t do any serious change to the 2004 router to justify such a problem. I activated the Adlist somewhere after the 7.14 version.

8

Are you sure those list formats work with adlists, last time I checked I had strange problems with anything other than the following type

0.0.0.0 0.org
0.0.0.0 0.to
0.0.0.0 www.0.org
0.0.0.0 www.0.to
0.0.0.0 0--4.com
0.0.0.0 www.0--4.com
0.0.0.0 0--d.com
0.0.0.0 www.0--d.com
0.0.0.0 0-0-0checkmate.com
9

Perhaps that’s true, but when I remove all of these didn’t suppose to end this service? And why the memory leak continues after a reboot (or update)?

10

Must be device specific, drop them a note if you think it’s leaking again!

uptime: 1d2h53m50s         
                  version: 7.19beta2 (testing)
               build-time: 2025-02-28 06:58:12
         factory-software: 7.5                
              free-memory: 624.6MiB           
             total-memory: 1024.0MiB          
                      cpu: ARM64              
                cpu-count: 4                  
            cpu-frequency: 864MHz             
                 cpu-load: 0%                 
           free-hdd-space: 81.7MiB            
          total-hdd-space: 128.0MiB           
  write-sect-since-reboot: 6127               
         write-sect-total: 5919297            
               bad-blocks: 0%                 
        architecture-name: arm64              
               board-name: hAP ax^2           
                 platform: MikroTik

Just popping mine here to monitor just incase, I am using 27.5MB cache with this list… https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/pro.txt

using these settings…

/ip/dns/export                                                
# 2025-03-06 13:19:18 by RouterOS 7.19beta2
# software id =
#
# model = C52iG-5HaxD2HaxD
# serial number =
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d cache-size=250000KiB \
    doh-max-concurrent-queries=200 doh-max-server-connections=6 max-concurrent-queries=200 \
    max-concurrent-tcp-sessions=40 use-doh-server=https://cloudflare-dns.com/dns-query \
    verify-doh-cert=yes
/ip dns adlist
add url=https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/pro.txt
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan type=A
add address=1.1.1.1 name=cloudflare-dns.com type=A
add address=1.0.0.1 name=cloudflare-dns.com type=A
11

To be fair, its a fairly new functionality and it wouldnt be a surprize to have some type of leak.
Good of you to be monitoring and tracking it and trying to pin it down!
At some point you should take some supout reports if unable to remove the leak and report a bug to MT.

12

I don’t see any problems here, infact my free memory has got bigger through the day, and my cache size has increased slightly as I would expect.

cache-used: 27585KiB
free-memory: 629.7MiB
total-memory: 1024.0MiB

13

So thats good, now see if there is any difference to how both of you are using the service…that may provide clues.

14

That’s the point, I DON’T use the service, the Adlist page is empty and the leak stays AND survives reboot/updates! My other CCR2004 in which never started Adlist is doing fine.

15

I updated the 686 to 7.19beta2 and the leak still exists.

16

How to cripple your router!

Less than two (2) weeks runtime and the router will crash! I have to manually reboot to avoid this.

Nothing to do fixes this. I will buy a new router and transfer the configuration some Sunday at the future.


Notice: This particular 2004 is rather older model with 1700 MHz cpu. The newer models are at 2000 MHz.
2004-leak.png
2004-leak2.png

17

Waiting for the usual “RAM is to be used” reply. :joy:

18

If he has actually removed all the config for Adlist and yet it still fills up the memory after an upgrade, wouldn’t that indicate that a Netinstall should be next? Seem like there’s some stuck configuration here.

19

This is our main (back) router, I don’t have the luxury to Netinstall… I will buy a new one, and after the replacement, I will Netinstall the old router offline, safely, and without seriously interrupting our operations.

20

Same issue on my HexGr3. After 3 days, my RAM dropped from 175MiB to 51MiB and then restarted. And repeat on the exact same days.