MisterTea / EternalTerminal

Re-Connectable secure remote shell
https://mistertea.github.io/EternalTerminal/
Apache License 2.0

DNS Requests Every Second When Remote Host Unreachable #654

Closed AGI-chandler closed 1 month ago

AGI-chandler commented 1 month ago

I use et to access various computers at work, which require login to a VPN first.  The VPN disconnects every 24 hours, so et has been really helpful.  Even though the terminal appears frozen, and even if I don't reconnect the VPN for hours on end, et will maintain the link and whenever the VPN connection is reestablished, all data/commands get delivered to the server. That all works perfectly, thanks.

Now lately I have been working with my DNS settings and watching DNS queries and I noticed a huge spike in queries when the VPN disconnects.  I noticed when that happened, there were queries once per second for 2 of 4 hosts I was connected to with et which need the VPN established.  As soon as I suspended (SIGSTOP) the 2 et processes, the DNS queries stopped, and when I resumed the et processes, they picked up again.  When connection to the VPN was reestablished, the queries also stopped.

It appears to be due to the fact these 2 hosts have internal-only IP addresses (i.e. 10.x.y.z), so their records are not exported/propagated to the global directory.  Once a connection to the VPN is established, the DNS queries are routed through it and the proper 10.x.y.z A record is returned.

I ran et with --verbose=9 and the relevant log data is below.  There was only etclient data that had been produced; etclient-stderr didn't have any data, etserver doesn't even exist for today, neither did etserver-stderr.  Below that is the server's et log data.

Really hope you have ideas for a patch or at least a temp workaround because I'm limited in the number of monthly DNS queries.  Let me know if I can help with anything else. Thx

Client etclient log data.txt

Server etterminal log data.txt

MisterTea commented 1 month ago

I thought DNS queries were free for everyone? Isn't it a small handshake that uses almost no bandwidth?

Right now every time et tries to reconnect (once per second), a DNS lookup happens here https://github.com/MisterTea/EternalTerminal/blob/master/src/base/TcpSocketHandler.cpp#L27

You would need to write code to save the results of that lookup in the class and refresh the saved results at some rate (because of roaming and VPN, the DNS lookup can change over time so we can't cache forever).
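
Added example, not part of this thread or of EternalTerminal's code: a resolver cache of the kind the comment above describes, which also caches failed lookups because the names in this report do not resolve while the VPN is down. `CachedResolver`, `simulate`, the TTL values, the host name and the 10.0.0.5 address are assumptions constructed for illustration.

```cpp
#include <chrono>
#include <functional>
#include <map>
#include <string>
#include <utility>
#include <vector>

using Clock = std::chrono::steady_clock;
using Seconds = std::chrono::seconds;
using Addrs = std::vector<std::string>;  // empty == lookup failed

// Hypothetical helper. `lookup` stands in for the real resolver call,
// for example a wrapper around getaddrinfo().
class CachedResolver {
 public:
  using LookupFn = std::function<Addrs(const std::string&)>;
  CachedResolver(LookupFn lookup, Seconds okTtl, Seconds failTtl)
      : lookup_(std::move(lookup)), okTtl_(okTtl), failTtl_(failTtl) {}
  // Serve the cached answer until it expires, then look up again. Failures
  // are cached too (for failTtl); otherwise a VPN-only name that does not
  // resolve would still be queried on every reconnect attempt.
  Addrs resolve(const std::string& host, Clock::time_point now = Clock::now()) {
    auto it = cache_.find(host);
    if (it != cache_.end() && now < it->second.expires) return it->second.addrs;
    Addrs fresh = lookup_(host);
    ++upstreamQueries_;
    cache_[host] = Entry{fresh, now + (fresh.empty() ? failTtl_ : okTtl_)};
    return fresh;
  }
  int upstreamQueries() const { return upstreamQueries_; }
 private:
  struct Entry { Addrs addrs; Clock::time_point expires; };
  LookupFn lookup_;
  Seconds okTtl_, failTtl_;
  std::map<std::string, Entry> cache_;
  int upstreamQueries_ = 0;
};

// Constructed scenario: one reconnect attempt per second; the name starts
// resolving at second `vpnUpAt`. Returns {upstream lookups, first second OK or -1}.
std::pair<int, int> simulate(int seconds, int vpnUpAt, int failTtl) {
  int now = 0, firstOk = -1;
  CachedResolver r(
      [&](const std::string&) { return now >= vpnUpAt ? Addrs{"10.0.0.5"} : Addrs{}; },
      Seconds(300), Seconds(failTtl));
  for (; now < seconds; ++now) {
    bool ok = !r.resolve("host.internal.example", Clock::time_point(Seconds(now))).empty();
    if (ok && firstOk < 0) firstOk = now;
  }
  return {r.upstreamQueries(), firstOk};
}
```

The failure TTL bounds both the query rate during an outage and how long a reconnect can lag after the VPN comes back, so it is the value to tune.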

AGI-chandler commented 1 month ago

They're not free if you want fancy features like TLS and block lists with usage charts and history and whatnot, like Adguard DNS, but this is a user choice and not et's fault (their free offering is 300k queries/month, after that they turn off the block lists).

What I don't understand is why this doesn't get cached anywhere and each lookup is hitting the external servers.  This isn't et's problem either so I'm just figuring out what to research next.  systemd-resolved has a cache which apparently is not being used here.  Then, systemd-resolved is configured with my router as its DNS server.  The router uses DNSmasq which is supposed to have a cache as well.  Once the TTL expires I'm guessing is when DNSmasq is supposed to query the external servers, which I've configured with 10 minutes.  So, none of that is working apparently...

Can the connection retries be adjusted somewhere?  

MisterTea commented 1 month ago

It's hardcoded to once per second.

AGI-chandler commented 1 month ago

It's also affected by the --timeout option, but can only set that as high as 5 seconds.  That's definitely an improvement.  As soon as I did, the queries immediately dropped to that rate.  I also found the options setting timeout:n for /etc/resolv.conf, which systemd-resolved now maintains, but won't allow to set anything directly there.  Instead, it generates that file from settings in /etc/systemd/resolved.conf, which uses a different format plus a different set of options, none that I've found include this timeout option.  Found one person that said we can't set options this way anymore.  Wonder whose bright idea it was to remove and disable functionality from /etc/resolv.conf?  We've been using that file for over 20 years it seems smh...

AGI-chandler commented 1 month ago

Well, guess we can close this, since it's not got much to do with et.  As a quick fix, but not a permanent solution, I manually added entries to /etc/hosts.  This stopped the DNS requests in their tracks.