Long NXDOMAIN list causes looping DNS cache refresh with CPU usage spikes

rolfschneider · Thu Apr 25, 2024 11:27 pm

I am filtering about 5000 domain entries (adservers) by returning NXDOMAIN via

/ip dns static
add type=NXDOMAIN name="023hysj.com"
add type=NXDOMAIN name="101com.com"
add type=NXDOMAIN name="101order.com"
.
.
.

on routeros 7.14.3 (mipsbe).

Everything works as expected, but I observe that the DNS cache list (size is 4 MB) is refreshed every four seconds, with a spike in CPU usage. The TTL starts at 24 h and counts back to 23:59:56 before the cycle repeats.

My questions are:

1.) Is this normal?
2.) Can I improve this behaviour (less CPU usage) without affecting the functionality?

Long NXDOMAIN list causes looping DNS cache refresh with CPU usage spikes

Long NXDOMAIN list causes looping DNS cache refresh with CPU usage spikes

Who is online