Significant memory usage

[Lee]

On Tue, Jul 1, 2025 at 2:33 PM OwN-3m-All wrote:
>
> No, I'm not asking you to prioritize anything.  I'm just saying that previously valid and memory performant setups are not performing well on the newest versions of bind (using too much memory).

c'est la vie

> I created this setup based on guides I found online.  So, if this is not the proper way to do it, what is the proper way?

You're using the PGL adblock list - yes?
The proper way to do it would be something like

   get-pgl.sh
------------ begin cut here ------------
#!/bin/sh
# get the PGL adservers rpz zone
#   https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext

url="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext"
fname="db.rpz-pgl"

umask 002
cd /etc/bind

ds=$(date "+%F")
echo "date suffix: ${ds}"

if [ -f "${fname}.${ds}" ]; then
   echo "OhNoes!!! ${fname}.${ds} already exists!"  >&2
   exit 1
fi

mv ${fname}  ${fname}.${ds}
stat=$?

if [ $stat -ne 0 ]; then
   echo "Oh Noes!! 'mv ${fname}  ${fname}.${ds}' failed!!?  ${stat}"  >&2
   exit 2
fi

wget --no-proxy -O ${fname} ${url}
stat=$?

if [ $stat -ne 0 ]; then
   echo "OhNoes!!! wget ${url} failed: ${stat}"  >&2
   exit 3
fi

dos2unix ${fname}
stat=$?

if [ $stat -ne 0 ]; then
   echo "OhNoes!!! dos2unix ${fname}  failed: ${stat}"  >&2
   exit 4
fi

------------  end  cut here ------------

then in your named.conf you'd have something like

  response-policy { zone "rpz.foo"; zone "rpz.bar"; zone "rpz.pgl"; }
     break-dnssec yes
     recursive-only no
     qname-wait-recurse no;

zone            "rpz.foo"     in { ... }
zone            "rpz.bar"     in { ... }
zone            "rpz.pgl"     in { type master; notify no; file
"/etc/bind/db.rpz-pgl"; };

Regards,
Lee