AdguardTeam / dnsproxy

Simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support
Apache License 2.0

[error] dnsproxy: unpacking udp packet: dns: overflowing header size when using dnsmasq --use-stale-cache #327

Closed cattyhouse closed 1 year ago

cattyhouse commented 1 year ago

STEPS TO REPRODUCE

on gateway (dhcp server)

  1. dnsproxy listens on gateway -l 0.0.0.0 -p 53888, dnsmasq listens on 53 and uses dnsproxy as upstream

on client

  1. systemd-networkd

         [Match]
         Name=en*
         [Network]
         DHCP=yes

  2. systemd-resolved

         systemctl enable --now systemd-resolved
         ln -rsf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

  3. resolvectl output

         ...
         Current DNS Server: GATEWAY_IP_ADDR
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
         ...

  4. dig api.github.com

on gateway (dhcp server)

log from gateway (dhcp server)

...
[error] dnsproxy: unpacking udp packet: dns: overflowing header size 
...
ameshkov commented 1 year ago

Could you please use tcpdump on gateway and check what exactly is received by dnsproxy?

cattyhouse commented 1 year ago

Sorry, I did not mention dnsmasq in front of dnsproxy. On further digging, it is due to dnsmasq's

    --use-stale-cache[=<max TTL excess in s>]
        When set, if a DNS name exists in the cache, but its time-to-live has expired, dnsmasq
        will return the data anyway. (It attempts to refresh the data with an upstream query
        after returning the stale data.) This can improve speed and reliability. It comes at
        the expense of sometimes returning out-of-date data and less efficient cache utilisation,
        since old data cannot be flushed when its TTL expires, so the cache becomes
        mostly least-recently-used. To mitigate issues caused by massively outdated DNS
        replies, the maximum overaging of cached records can be specified in seconds (defaulting
        to not serve anything older than one day). Setting the TTL excess time to zero
        will serve stale cache data regardless how long it has expired.

> Could you please use tcpdump on gateway and check what exactly is received by dnsproxy?

cattyhouse commented 1 year ago

Closing, since this is not related to dnsproxy. After turning off dnsmasq's --use-stale-cache, this error does not happen again.
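
Added example, not part of the thread or of dnsproxy's code: a standard-library Go checker for the raw UDP payload that the tcpdump capture requested above would show arriving at dnsproxy. It assumes the "overflowing header size" message corresponds to a resource record whose declared RDLENGTH runs past the end of the datagram; `skipName`, `CheckDNS` and `sample` are hypothetical names, and the sample packet is constructed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// skipName returns the offset just past the name at off; a value beyond len(msg) means truncation.
func skipName(msg []byte, off int) int {
	for off < len(msg) && msg[off] != 0 {
		if msg[off] >= 0xC0 { // 2-byte compression pointer ends the name
			return off + 2
		}
		off += 1 + int(msg[off])
	}
	return off + 1 // step over the root label
}

// CheckDNS walks a raw DNS message and reports the first structural fault.
func CheckDNS(msg []byte) error {
	if len(msg) < 12 {
		return fmt.Errorf("short header: %d bytes", len(msg))
	}
	off, u16 := 12, func(o int) int { return int(binary.BigEndian.Uint16(msg[o:])) }
	for i := 0; i < u16(4); i++ { // questions: name, type, class
		if off = skipName(msg, off) + 4; off > len(msg) {
			return fmt.Errorf("question %d truncated", i)
		}
	}
	for i := 0; i < u16(6)+u16(8)+u16(10); i++ { // answer, authority, additional
		if off = skipName(msg, off) + 10; off > len(msg) {
			return fmt.Errorf("record %d: fixed fields truncated", i)
		}
		rdlen := u16(off - 2)
		if off += rdlen; off > len(msg) {
			return fmt.Errorf("record %d: RDLENGTH %d overruns packet by %d bytes", i, rdlen, off-len(msg))
		}
	}
	return nil
}

// sample is a constructed example.com query whose OPT record declares rdlen RDATA bytes but carries none.
func sample(rdlen byte) []byte {
	q := "\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x01\x07example\x03com\x00\x00\x01\x00\x01"
	return append([]byte(q), 0, 0, 41, 4, 208, 0, 0, 0, 0, 0, rdlen)
}

func main() {
	fmt.Println(CheckDNS(sample(0)), "|", CheckDNS(sample(12)))
}
```

Feed `CheckDNS` the UDP payload bytes of a captured packet (without the IP and UDP headers) to see which record, if any, declares more data than the datagram holds.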