I have been using Unbound for years with dnsmasq disabled (so it acts as a recursive DNS server for clients on my network) with Adblock handled by Unbound. This has been great, though since upgrading to Pro/BE series routers (BE88U/BE86U/BE82U), I have been fighting some client instability and the need for some router reboots. I have been able to address a lot of this through configurations and strategic use of networks and VLANs, though recently was seeing the System Log messages growing uncontrollably (100+ MB in a day) to the point that logrotate wasn't even able to address it before the router started exhibiting performance and client instability.
Following a large amount of troubleshooting, I believe the issue is that the /jffs/scripts/dnsmasq.postconf has the following single entry:
This was restarting dnsmasq regardless of changes to the Adblock file, which may be a sign of something underlying causing frequent checks and possible failures that warrants further troubleshooting, though I put in this logic in place of it, which only restarts dnsmasq if a configuration change warrants restarting:
Since implementing this change, the dnsmasq restart storm completely stopped, unbound is functioning, logs back under control, and client stability preserved. I wanted to share here in case others are experiencing something similar with Unbound or another script that might be restarting dnsmasq as it presented itself as client stability issue even though the underlying issue was something else.
If you use Unbound with dnsmasq disabled and see massive log growth or client instability, this fix may help. Further, although Unbound_Manager isn't being updated often, this revised logic may be worth considering as an update for the dnsmasq.postconf entry to avoid this type of impact.
Following a large amount of troubleshooting, I believe the issue is that the /jffs/scripts/dnsmasq.postconf has the following single entry:
Code:
#!/bin/sh
# sh /jffs/addons/unbound/unbound.postconf "$1" # unbound_manager
Code:
#!/bin/sh
CONFIG_FILE="$1"
TMP_FILE="/tmp/dnsmasq.conf.tmp"
# Run Unbound postconf
sh /jffs/addons/unbound/unbound.postconf "$CONFIG_FILE"
# Compare old vs new config before restarting
if [ -f "$TMP_FILE" ]; then
if ! diff "$TMP_FILE" "$CONFIG_FILE" >/dev/null; then
cp "$CONFIG_FILE" "$TMP_FILE"
logger "dnsmasq.postconf: Changes detected, restarting dnsmasq"
service restart_dnsmasq
else
logger "dnsmasq.postconf: No changes detected, skipping restart"
fi
else
cp "$CONFIG_FILE" "$TMP_FILE"
logger "dnsmasq.postconf: Initial baseline created, restarting dnsmasq"
service restart_dnsmasq
fiIf you use Unbound with dnsmasq disabled and see massive log growth or client instability, this fix may help. Further, although Unbound_Manager isn't being updated often, this revised logic may be worth considering as an update for the dnsmasq.postconf entry to avoid this type of impact.
