AdGuardHome
AdGuardHome copied to clipboard
AdguardTeam
CPU goes to 50% when encryption is enabled and DNS-over-TLS port is specified (CPU is normally 1% or 2%)
Prerequisites
-
[X] I have checked the Wiki and Discussions and found no answer
-
[X] I have searched other issues and found no duplicates
-
[X] I want to report a bug and not ask a question or ask for help
-
[X] I have set up AdGuard Home correctly and configured clients to use it. (Use the Discussions for help with installing and configuring clients.)
Platform (OS and CPU architecture)
Linux, AMD64 (aka x86_64)
Installation
GitHub releases or script from README
Setup
Other (please mention in the description)
AdGuard Home version
0.107.43
Action
Enabled encryption and specified DNS-over-TLS port.
Expected result
I expected little or no change in CPU usage
Actual result
CPU usage went from 1% to around 50% permanently until I removed the DNS-over-TLS port
Additional information and/or screenshots
I have tried this on two machines and got the same result. first I was running it in a docker container then created a fresh install on proxmox in in a container. both installs gave me the same result with CPU increasing considerably.
Odd, I don't see this at all. What sort of SSL certifcate is it, RSA or ECC?
I have an ECC on my instance (a container in Proxmox) and the CPU is basically 0%.
How many clients? It's not open to the whole Internet and being abused, is it?
The certificate is from LetsEncrypt and RSA. It is on my local network so not accessible from outside and I have roughly 30 devices on my network. It is only a problem when the DNS-over-TLS port is specified. which is strange.
@darrenwaller, thanks for the report.
- Does it occur with any specified port for DoT, or just one specific port?
- Does it occur with any other encrypted DNS such as DoH?
- Does it occur in the latest version?
- Does it occur if the default DoT port is used?
This can be closed, the culprit was Home Assistant, I disabled fallback dns in Home Assistant and the problem went away :)