Has anyone noticed this? I’m running a number of hotspots with 2.9 (various versions) where the hotspot redirects DNS to the DNS cache. After a long period of uptime (> 60 days) logins to the router become slow, the CPU starts to spike, the CPU idle level continues to grow, as does the memory usage. If I click flush on the DNS cache, it only flushes some of it, as the “cache used” value will show something like 1728KB if my max is 2048KB. This only happens once the cache has reached its maximum. A reboot will clear the cache and memory, but the CPU utilization continues to grow.
I’ve seen this on every version of 2.9 I’ve tried (including 2.9.24) and recently upgraded one from 2.9.18 to 2.9.24 but it’s still causing CPU issues. This was also a problem with 2.8, but it was much easier to bypass the internal DNS cache as you could just disable the firewall rule that redirects it. In 2.9, even after entering bypass rules in the pre-hotspot chain, the cache continues to grow.
So, is there a way to completely avoid the DNS cache when using the Hotspot? Is anyone noticing this issue? Seems there is a permanent memory leak in the DNS caching…
Thanks for the reply aitsecurty. Interesting, I rarely set up DNS from the terminal other than the primary and secondary, and have actually never noticed the ttl setting in there. I’ll give this a shot and see what happens. I appreciate the suggestion.
Mikrotik, why is the cache-max-ttl setting not in winbox? Any chance this could be added at some point?
Well, here I am a few days later…I thought originally things were back to normal. The cache size has slowly decreased to somewhere around 1MB or so (using default 2048K limit). I’ve got the ttl set to 1 hour. Today, the router started to slow down again. Here’s my cache, which is full, won’t flush, and only reports a few entries (DNS numbers have been changed):
```
Terminal vt102 detected, using multiline input mode
[admin@mt] > ip dns
[admin@mt] ip dns> pr
primary-dns: 1.2.3.4
secondary-dns: 1.2.3.5
allow-remote-requests: no
cache-size: 2048KiB
cache-max-ttl: 1h
cache-used: 2048KiB
[admin@mt] ip dns> cache
[admin@mt] ip dns cache> flush
[admin@mt] ip dns cache> ..
[admin@mt] ip dns> pr
primary-dns: 1.2.3.4
secondary-dns: 1.2.3.5
allow-remote-requests: no
cache-size: 2048KiB
cache-max-ttl: 1h
cache-used: 2048KiB
[admin@mt] ip dns> cache
[admin@mt] ip dns cache> pr
Flags: S - static
 #   NAME                      ADDRESS          TTL
 0   www.mycricket.com         63.214.184.152   59m56s
 1   ns4.customer.level3.net   209.244.4.53     28m52s
 2   www.jumpmobile.com        64.78.18.76      59m57s
[admin@mt] ip dns cache> all pr
Flags: S - static, N - negative
 #   NAME                    TYPE   DATA                    TTL
 0   shaharazran.com         A      69.12.119.152           59m59s
 1   shaharazran.com         NS     ns1.dns-solutions.net   59m59s
 2   shaharazran.com         NS     ns2.dns-solutions.net   59m59s
 3   ns1.dns-solutions.net   A      69.12.120.3             59m59s
 4   ns2.dns-solutions.net   A      69.12.69.3              59m59s
[admin@mt] ip dns cache>
[admin@mt] ip dns cache> /sys resou pr
uptime: 3d18h16m39s
version: "2.9.24"
free-memory: 93592kB
total-memory: 127700kB
cpu: "6x86"
cpu-load: 24
free-hdd-space: 31640kB
total-hdd-space: 60729kB
write-sect-since-reboot: 5778
write-sect-total: 621958
[admin@mt] ip dns cache>
```
I still think there is something wrong with the DNS cache… I’m going to generate a supout and send this one off to MT. I really hope this can get resolved. Again, I believe this is a bug related to using the hotspot with dns.
Well, the watchdog timer kicked in this morning - router crashed and rebooted (a whopping 5 days uptime!). No supout was generated, even though this is enabled.