Messages

Well, a few days later and I'm really spinning my wheels.

With hostwatch disabled things were more stable for about 48 hours but the problems returned, only slightly different. DNS gets spotty but DHCP no longer drops out, however opnsense's IPv4 address becomes unreachable and unable to be pinged by any devices on the network. I can still log in to the webgui and am not seeing any helpful messages in any logs I can find.

For now, I've rolled DNS and DHCP over to a pihole docker container I was using previously - this has made things MUCH more stable, however the IPv4 address of opnsense still becomes unpingable 1-2x per day for seemingly no reason, continuing to cause network dropouts. Before the IPv4 address becomes unreachable, I can see https GET requests for URLs on the public internet start timing out intermittently. I'm going to try and get more metrics from opnsense using an additional node exporter but at this point I'm planning to get it off the network if I can't identity the cause and fix it soon.

Hello!

I checked /var/log/resolver/resolver_20260126.log and don't have any entries in that immediate timeframe aside from the database restore line - I actually have zero entries in the log UNTIL that database auto restore occurs.

I did not see any activity that looked anomalous from clients when I was troubleshooting, and I've had 99% free disk space since installing opnsense, currently sitting at about 1.3gb in use. I cleared log data and turned off unbound reporting as part of troubleshooting so no new data currently.

I experienced another episode of DNS/DHCP failures less than 12 hours after disabling unbound reporting. BUT, after finding all of the reports of HostWatch causing issues I've had autodiscovery disabled for about 24 hours now and so far I have not had any problems. If I don't have any issues over the next couple days I'll re-enable it and see if the problems come back to confirm it as the culprit.

of course, forgot to upload images. Attached here.

Hi all. First time poster and new OPNsense user here.

TLDR; DNS/DHCP breaks once per day but appears to self-resolve when duckdb restore/cleanup task runs. How to make this cycle stop?

Background:
I first set up OPNsense 25.7.11 about two weeks ago. I followed a pretty basic tutorial to set up my interfaces, a couple vlans, DNSmasq and DHCP + unbound, added in DNS over TLS, enabling IPv6, and started playing around with plugins like the node exporter and tailscale as well as adding in blocklists - it's been a lot of fun and I was really enjoying the platform.

However after a few days I started experiencing 1x daily DNS outages - first resolution becomes spotty, then fails completely, of course resulting in failures all over my network. At first I definitely blamed myself and a bad config - I tried systematically removing IPv6, DoT, getting rid of a wildcard override in unbound, removing the singular blocklist I added, and getting rid of all restrictive firewall rules, adding new ones to ensure dns ports were allowed etc. but no matter what the 1x daily DNS outage keeps occurring.

Through troubleshooting, I discovered that in addition to DNS issues, it appears that all IPv4 addressing stops working during these outages - clients lose ipv4 addresses (showing APIPA addressing) and opnsense becomes unreachable via IPv4, but remains accessible over IPv6 - and all services show as running and healthy on opnsense, including unbound and DHCP. The weirdest part is opnsense itself has no issues resolving hostnames using the diagnostic tool during these outages.

Troubleshooting:
Two days ago I factory reset my isp's router (that sits in front of opnsense in bridge mode) and did a fresh install of opnsense. My LAN firewall rules currently only consist of allowing IPv4 and IPv6 from LAN to all, pic attached. I again enabled dnsmasq, dhcp + unbound, DoT, and am still running IPv6, and the DNS issues continue 1x daily, with all of the same symptoms/behavior. Today, January 26th, DNS issues began at around 11:15am and ended at 13:30pm as evidenced by uptime-kuma DNS monitoring (image attached). I was not home so did nothing to mitigate, and the issue self resolved.


This time, I managed to catch a line in the Unbound log file that coincided with exactly when the issue self-resolved:

2026-01-26T13:30:51-06:00 Notice unboundDatabase auto restore from /var/cache/unbound.duckdb for cleanup reasons in 2.59 seconds

Likely related, metrics collected via node exporter and brought into grafana show free memory dropping from over 1GiB to below 500Mib at 13:31pm, essentially the same time as that duckdb restore/cleanup occurred (image attached).

I am assuming that this db is becoming unhealthy/corrupted/oversized in advance of the (likely scheduled?) cleanup on a regular basis, and that issue is affecting DHCP somehow. Forgive my ignorance of how duckdb is used on the platform. My primary concern is predictably- how can I make this stop happening? Turn off unbound reporting altogether? Initiate more frequent cleanups? Set stricter db size limit somewhere? I'm not quite sure how to proceed, and as you might expect, opnsense is not passing the wife test so far (keeps interrupting her shows).

I'm going to disable unbound reporting right now and see if that helps at all, but interested if anybody has any insight or suggestions! Happy to provide any other info as needed. Thanks in advance!

opnsense version: OPNsense 25.7.11_2-amd64
Hardware: Lenovo ThinkCentre M70q Gen1, 4gb RAM, 12 core CPU, 500GB SATA SSD, 1gb onboard nic used for WAN interface, 2.5gb Intel m.2 > Ethernet adapter card for LAN
Environment: ISP modem in bridge mode > opnsense box > 24 port USW pro for lan, including 1 WAP