AdguardTeam / AdGuardHome

Network-wide ads & trackers blocking DNS server
https://adguard.com/adguard-home.html
GNU General Public License v3.0

Private Reverse DNS Queries aren't cached, its consequences and more.. #6950

Open candybars2021 opened 2 months ago

candybars2021 commented 2 months ago

Prerequisites

Platform (OS and CPU architecture)

Windows, AMD64 (aka x86_64)

Installation

GitHub releases or script from README

Setup

Other (please mention in the description)

AdGuard Home version

v0.107.48

Action

Replace the following command with the one you're calling or a description of the failing action:

dig -x 192.168.2.50
...
; ANSWER SECTION:
50.2.168.192.in-addr.arpa. 0    IN  PTR macbook.lan 

So the response from the local firewall DNS server includes a 0-second TTL, which should have been extended to the minimum set in the cache (default 2400), but there seems to be a bug where private reverse queries are not cached, causing, for example, my MacBook to reverse search its LAN address every few seconds, as the TTL remains zero with no cached response.

BTW - to verify it isn't the specific 0 (intent not to cache?) that is causing this, I configured yahoo.com for reverse DNS lookup through my firewall and received a higher number, yet it was never cached either.

Trying to use the alternate mechanism of excluding reverse local lookups from the default DNS settings, instead of the private resolve option, does not work, and this syntax in the upstream section (by design or not) has no effect, and resolution will fail on public DNS this way. Thus I cannot force "cache" this way either:

9.9.9.9
[/168.192.in-addr.arpa/]192.168.10.1
...

Expected result

I expected the minimum TTL of 2400 to be applied to the 0 TTL on private reverse DNS responses.

Actual result

As mentioned, this causes my devices receiving 0 TTL to send hundreds of thousands of identical queries, so unless I block and disable private reverse, and create a long hosts file, AdGuard Home is barely usable and very very slow.

Additional information and/or screenshots

Screenshots:
2. Private reverse on and configured.
3. Screen of reverse dig on 192.168.2.50, the MacBook that makes 100Ks of such requests, showing 0 TTL.
4. Dig yahoo.com and reverse dig to show the problem applies to anything defined as private, not just TTL 0.
5. Shows the cache is configured with minimum 2400.
6. Query log of the Mac repeating them, as they have no "cached" value and the cache is not applied (bug) on private reverse, which causes this.
7. Shows the same for reverse lookups, again without caching, for another domain that did not have TTL 0 but was implemented through the same app features, which makes it impossible to use.

sh2 sh3 sh4

<img width="1280" alt="sh5" src="https://github.com/AdguardTeam/AdGuardHome/assets/90040078/e18ea640-4707-4dfb-8697-b482101cb0f9">

sh6 sh7
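
One way to quantify the repeated lookups described in this report, as an added example that is not part of the issue or of AdGuard Home's code: it counts private reverse (PTR) queries that a client repeats sooner than the 2400-second cache minimum. The record layout, function names and sample values are constructed for illustration and are not AdGuard Home's query log format.

```python
import ipaddress
from collections import defaultdict

MIN_TTL = 2400  # cache minimum TTL quoted in the report, in seconds

# Constructed sample records (assumed layout, not AdGuard Home's log format):
# (unix_time, client_ip, qtype, qname)
SAMPLE_LOG = [
    (1000, "192.168.2.50", "PTR", "50.2.168.192.in-addr.arpa."),
    (1004, "192.168.2.50", "PTR", "50.2.168.192.in-addr.arpa."),
    (1009, "192.168.2.50", "PTR", "50.2.168.192.in-addr.arpa."),
    (1010, "192.168.2.51", "PTR", "8.8.8.8.in-addr.arpa."),
    (1011, "192.168.2.51", "A", "yahoo.com."),
    (5000, "192.168.2.52", "PTR", "1.10.168.192.in-addr.arpa."),
    (9000, "192.168.2.52", "PTR", "1.10.168.192.in-addr.arpa."),
]

def ptr_name_to_ip(qname):
    """Return the IPv4 address encoded in an in-addr.arpa name, or None."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ipaddress.AddressValueError:
        return None

def repeated_private_ptr(log, min_ttl=MIN_TTL):
    """Per (client, qname), count private PTR queries re-sent within min_ttl seconds."""
    last_seen = {}
    repeats = defaultdict(int)
    for ts, client, qtype, qname in sorted(log):
        if qtype != "PTR":
            continue
        ip = ptr_name_to_ip(qname)
        if ip is None or not ip.is_private:
            continue  # only private reverse zones are relevant here
        key = (client, qname.lower())
        # A client honouring a TTL of at least min_ttl would not re-ask this soon.
        if key in last_seen and ts - last_seen[key] < min_ttl:
            repeats[key] += 1
        last_seen[key] = ts
    return dict(repeats)

if __name__ == "__main__":
    for (client, qname), n in repeated_private_ptr(SAMPLE_LOG).items():
        print(f"{client} re-asked {qname} {n} time(s) inside {MIN_TTL}s")
```
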
EugeneOne1 commented 2 months ago

@candybars2021, hello and thanks for the report. Unfortunately, we can't reproduce the issue. Could you please collect a verbose log for us? You may send it to devteam@adguard.com.