I have continuos entries in my system log after upgrading to 5.2.2:
[…]
Jun 27 18:18:10 turris kresd[23986]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:10 turris kresd[24133]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:11 turris kresd[24133]: [ta_update] refreshing TA for .
Jun 27 18:18:11 turris kresd[24133]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:13 turris hotplug: Reload resolver because of interface address update
Jun 27 18:18:14 turris kresd[24314]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:14 turris kresd[24314]: [ta_update] refreshing TA for .
Jun 27 18:18:14 turris kresd[24314]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:15 turris kresd[24469]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:15 turris kresd[24469]: [ta_update] refreshing TA for .
Jun 27 18:18:15 turris kresd[24469]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:18 turris hotplug: Reload resolver because of interface address update
Jun 27 18:18:18 turris kresd[24650]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:18 turris kresd[24650]: [ta_update] refreshing TA for .
Jun 27 18:18:18 turris kresd[24650]: [ta_update] next refresh for . in 1 hours
Jun 27 18:18:19 turris kresd[24798]: [system] warning: hard limit for number of file-descriptors is only 4096 but recommended value is 524288
Jun 27 18:18:19 turris kresd[24798]: [ta_update] refreshing TA for .
Jun 27 18:18:20 turris kresd[24798]: [ta_update] next refresh for . in 1 hours
Jun 27 18:19:01 turris crond[25008]: (root) CMD (/usr/bin/rainbow_button_sync.sh)
[…]
it is based on a prefix change in the ipv6 network wan6 interface. I dont know why this is happening so often, but if is just because of the IFUPDATE_PREFIXES firering for the WAN6 interface.
Maybe disable the hotplug resolver restart for WAN6 prefix changes in the script 40-ip-resolver-reload without $IFUPDATE_PREFIXES for WAN6/ipv6?
Or does anyone know why a prefix update is fired every seconds on ipv6 wan6?
Yes, that approach sounds good to me. WAN could be ignored here, as the current code only listens on addresses belonging to lo(calhost) and (br-)lan interfaces anyway.
I have no idea why the prefix might change so often, not even whose mistake it is (ISP, OpenWrt, Turris changes). I had noticed the hotplug docs a bit lacking; makes it hard to confidently write more complex conditions like your suggestion.
i’m also struggling with ipv6 and the hotplug system. i think this is the default design of openwrt to also trigger updates even when only prefered and valid until values on the temporary adresses are changed. i wrote an issue in the turris gitlab: