TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0

Get many "Server Failure" and "page not found" #1049

Closed markusglaetzner closed 1 day ago

markusglaetzner commented 4 days ago

Since version 13.0.1 I get many "Server Failure". I open a website and get "Page not found"; after pressing F5 (sometimes once is enough, sometimes I have to click many times or I have to close the tab and open a new one) the site is there. Technitium DNS worked OK for many months, but for the past few days it doesn't work at all!!!

markusglaetzner commented 4 days ago

[image]

Saik0Shinigami commented 4 days ago

I am also seeing an uptick in server failures, upwards of 4% of all my queries.

Edit: I updated from 12.2.1 to 13.0.1 this morning. Noticed that since then every so often something complains that it can't be reached... Never zones that are defined locally.

markusglaetzner commented 4 days ago

The same with me. I am now testing Technitium DNS in Docker with version 13.0 again.

hcgonzalezpr commented 3 days ago

Same case for me. A nslookup on the pc would work just fine, but the browser would throw an error resolving domain even after the nslookup returned a valid result.

markusglaetzner commented 3 days ago

I don't know if it is since 13.0.1, but it is definitely a DNS issue! It's now becoming really annoying, even when updating via apt.

[image]

markusglaetzner commented 3 days ago

As a test, I also set up a Technitium DNS using Docker with version 13.0 (not 13.0.1). My current Technitium DNS offers DNS and DHCP, while the one in Docker only offers DNS. My test is that my client gets its IP from the old Technitium, but in this configuration the DNS IP address of the Docker-based Technitium is assigned. So far I have been able to open all of my browser bookmarks without ever getting the "Page cannot be displayed" message. I will now test this for the rest of the day. Tomorrow I will update Docker to version 13.0.1 and test it all day.

ShreyasZare commented 3 days ago

Thanks for the feedback. The ServerFailure is a generic error response that the DNS server sends when it does not have an answer available to respond. The reason for this can only be found by checking the DNS logs from the admin panel. So, just check the DNS logs and post any errors that you see here so that I can help you understand the issue better.

markusglaetzner commented 3 days ago

Here is the short Query Log: [image]

markusglaetzner commented 3 days ago

Here is the logfile: 2024-09-26.log

markusglaetzner commented 3 days ago

This is typical behavior: I open a link in a new tab (...nordvpn...) and get the message "Page cannot be displayed". Refreshing several times has no effect. Only after I closed the tab and opened the link again in a new tab did the page load. This problem occurs involuntarily and very frequently throughout the day. My log files are now between 400-600 MB per day.

samroweemployinc commented 3 days ago

After upgrading to v13.0.1 I'm seeing the same issues. Additionally, when trying to pull docker images I'm seeing messages that say <technitium IP>:53 server misbehaving.

ShreyasZare commented 3 days ago

@markusglaetzner Thanks for the logs. There seems to be an issue with handling timeout cases for DNS-over-TLS causing this issue. Will get this fixed soon with an update. Meanwhile, you can switch to DoH forwarder instead as a workaround till the update is available.

Saik0Shinigami commented 3 days ago

Here's an example from me as well..

[2024-09-26 00:00:01 Local] DNS Server failed to resolve the request 'auth.docker.io. A IN' using forwarders: cloudflare-dns.com (1.1.1.1), cloudflare-dns.com (1.0.0.1).
System.Threading.Tasks.TaskCanceledException: A task was canceled.
   at TechnitiumLibrary.IO.StreamExtensions.CopyToAsync(Stream s, Stream destination, Int32 bufferSize, Int32 length, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.IO\StreamExtensions.cs:line 172
   at TechnitiumLibrary.Net.Dns.DnsDatagram.ReadFromTcpAsync(Stream stream, MemoryStream sharedBuffer, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsDatagram.cs:line 352
   at TechnitiumLibrary.TaskExtensions.TimeoutAsync[T](Func2 func, Int32 timeout, CancellationToken cancellationToken)
   at TechnitiumLibrary.TaskExtensions.TimeoutAsync[T](Func2 func, Int32 timeout, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary\TaskExtensions.cs:line 61
   at TechnitiumLibrary.Net.Dns.ClientConnection.TcpClientConnection.ReadDnsDatagramAsync(Stream tcpStream, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\ClientConnection\TcpClientConnection.cs:line 206
   at TechnitiumLibrary.Net.Dns.ClientConnection.TcpClientConnection.QueryAsync(DnsDatagram request, Int32 timeout, Int32 retries, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\ClientConnection\TcpClientConnection.cs:line 327
   at TechnitiumLibrary.Net.Dns.DnsClient.<>cDisplayClass93_0.<gDoResolveAsync|1>d.MoveNext() in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4502
--- End of stack trace from previous location ---
   at TechnitiumLibrary.Net.Dns.DnsClient.<>cDisplayClass93_0.<gDoResolveAsync|1>d.MoveNext() in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4718
--- End of stack trace from previous location ---
   at TechnitiumLibrary.Net.Dns.ClientConnection.TcpClientConnection.QueryAsync(DnsDatagram request, Int32 timeout, Int32 retries, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\ClientConnection\TcpClientConnection.cs:line 327
   at TechnitiumLibrary.Net.Dns.DnsClient.<>cDisplayClass93_0.<gDoResolveAsync|1>d.MoveNext() in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4502
--- End of stack trace from previous location ---
   at TechnitiumLibrary.Net.Dns.DnsClient.<>cDisplayClass93_0.<gDoResolveAsync|1>d.MoveNext() in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4718
--- End of stack trace from previous location ---
   at TechnitiumLibrary.Net.Dns.DnsClient.InternalResolveAsync(DnsDatagram request, Func3 getValidatedResponseAsync, Boolean doNotReorderNameServers, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4829
   at TechnitiumLibrary.Net.Dns.DnsClient.InternalResolveAsync(DnsDatagram request, Func3 getValidatedResponseAsync, Boolean doNotReorderNameServers, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4780
   at TechnitiumLibrary.Net.Dns.DnsClient.InternalDnssecResolveAsync(DnsQuestionRecord question, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4896
   at TechnitiumLibrary.Net.Dns.DnsClient.<>c__DisplayClass97_0.<b__0>d.MoveNext() in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4995
--- End of stack trace from previous location ---
   at TechnitiumLibrary.Net.Dns.DnsClient.ResolveQueryAsync(DnsQuestionRecord question, Func2 resolveAsync) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4254
   at TechnitiumLibrary.Net.Dns.DnsClient.InternalCachedResolveQueryAsync(DnsQuestionRecord question, CancellationToken cancellationToken) in Z:\Technitium\Projects\TechnitiumLibrary\TechnitiumLibrary.Net\Dns\DnsClient.cs:line 4977
   at DnsServerCore.Dns.DnsServer.DefaultRecursiveResolveAsync(DnsQuestionRecord question, NetworkAddress eDnsClientSubnet, IDnsCache dnsCache, Boolean dnssecValidation, Boolean skipDnsAppAuthoritativeRequestHandlers, CancellationToken cancellationToken) in Z:\Technitium\Projects\DnsServer\DnsServerCore\Dns\DnsServer.cs:line 3349
   at DnsServerCore.Dns.DnsServer.RecursiveResolverBackgroundTaskAsync(DnsQuestionRecord question, NetworkAddress eDnsClientSubnet, Boolean advancedForwardingClientSubnet, IReadOnlyList1 conditionalForwarders, Boolean dnssecValidation, Boolean cachePrefetchOperation, Boolean cacheRefreshOperation, Boolean skipDnsAppAuthoritativeRequestHandlers, TaskCompletionSource`1 taskCompletionSource) in Z:\Technitium\Projects\DnsServer\DnsServerCore\Dns\DnsServer.cs:line 3133
[2024-09-26 00:00:01 Local] [10.10.3.66:44014] [UDP] QNAME: auth.docker.io; QTYPE: A; QCLASS: IN; RCODE: ServerFailure; ANSWER: []

I have thousands of these in my logs across 3 servers (I run a homelab with boatloads of services...~2 million requests daily across the three servers). The example above applies to many internet domains being "affected". None of them are internal domains defined in the zones themselves. All are external domains that the server attempts to obtain from the defined forwarder. In my case I have

cloudflare-dns.com (1.1.1.1:853) cloudflare-dns.com (1.0.0.1:853)

DNS-over-TLS

Historically I've never had issues with cloudflare.

My retries and timeout are at their defaults of 3 and 2000ms. And I have 8/8gbps fiber with normal ping times to cloudflare's 1.1.1.1 server at ~10ms from my desktop.

This issue cropped up for me distinctly from my upgrade from 12.2.1 to 13.0.1

Let me know if you need any other information @ShreyasZare . I can provide full logs privately if you'd like. I just don't want to provide publicly as I log all queries.

Edit: Ahhh you pre-empted me by just a little bit...
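A triage sketch for the log format quoted above, added here as an example (not code from the thread or from the Technitium project): it computes the ServerFailure rate and counts how many of those failures coincide with a logged forwarder exception such as the `TaskCanceledException` shown. The sample lines, the function name `analyze` and the assumption that each entry starts with a `[date time zone]` stamp are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the log format quoted in this thread (not real data).
SAMPLE_LOG = """\
[2024-09-26 00:00:01 Local] DNS Server failed to resolve the request 'auth.docker.io. A IN' using forwarders: cloudflare-dns.com (1.1.1.1), cloudflare-dns.com (1.0.0.1).
System.Threading.Tasks.TaskCanceledException: A task was canceled.
   at TechnitiumLibrary.Net.Dns.DnsDatagram.ReadFromTcpAsync(Stream stream)
[2024-09-26 00:00:01 Local] [10.10.3.66:44014] [UDP] QNAME: auth.docker.io; QTYPE: A; QCLASS: IN; RCODE: ServerFailure; ANSWER: []
[2024-09-26 00:00:02 Local] [10.10.3.66:44020] [UDP] QNAME: example.com; QTYPE: A; QCLASS: IN; RCODE: NoError; ANSWER: [192.0.2.10]
[2024-09-26 00:00:03 Local] DNS Server failed to resolve the request 'example.org. AAAA IN' using forwarders: cloudflare-dns.com (1.1.1.1), cloudflare-dns.com (1.0.0.1).
System.Threading.Tasks.TaskCanceledException: A task was canceled.
[2024-09-26 00:00:03 Local] [10.10.3.70:51000] [UDP] QNAME: example.org; QTYPE: AAAA; QCLASS: IN; RCODE: ServerFailure; ANSWER: []
[2024-09-26 00:00:04 Local] [10.10.3.70:51002] [TCP] QNAME: example.net; QTYPE: A; QCLASS: IN; RCODE: NoError; ANSWER: [192.0.2.20]
[2024-09-26 00:00:05 Local] [10.10.3.70:51004] [UDP] QNAME: example.invalid; QTYPE: A; QCLASS: IN; RCODE: ServerFailure; ANSWER: []
"""

# Split before every timestamp so multi-line stack traces stay with their entry.
ENTRY = re.compile(r"(?=\[\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} \w+\] )")
QUERY = re.compile(r"QNAME: (?P<qname>[^;]+); QTYPE: (?P<qtype>[^;]+); "
                   r"QCLASS: [^;]+; RCODE: (?P<rcode>\w+);")
FAIL = re.compile(r"failed to resolve the request '(?P<qname>\S+) (?P<qtype>\S+) \S+' "
                  r"using forwarders: (?P<fwd>.+?)\.\s+(?P<exc>[\w.]+Exception)", re.S)

def analyze(log_text):
    """Return the SERVFAIL rate and how many failures match a forwarder error."""
    rcodes, exceptions, upstream, servfail = Counter(), Counter(), set(), []
    for entry in ENTRY.split(log_text):
        if (m := FAIL.search(entry)):
            exceptions[m["exc"]] += 1
            upstream.add((m["qname"].rstrip(".").lower(), m["qtype"]))
        elif (m := QUERY.search(entry)):
            rcodes[m["rcode"]] += 1
            if m["rcode"] == "ServerFailure":
                servfail.append((m["qname"].lower(), m["qtype"]))
    total = sum(rcodes.values())
    explained = [q for q in servfail if q in upstream]
    return {
        "queries": total,
        "servfail_rate": len(servfail) / total if total else 0.0,
        "forwarder_exceptions": dict(exceptions),
        "servfail_with_forwarder_error": len(explained),
        "servfail_unexplained": len(servfail) - len(explained),
    }

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

Run against a day's log before and after changing the forwarder protocol or updating, the `servfail_rate` and exception counts give a comparable number instead of an impression from the browser.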

ShreyasZare commented 3 days ago

@Saik0Shinigami thanks for the logs and details. Will get this issue fixed soon. Meanwhile switch to DoH as a workaround.

Saik0Shinigami commented 3 days ago

I can confirm that switching to DoH drops my rates to virtually 0%... however in a perfect world I like DNS-over-TLS as it's easier to monitor traffic on its own port rather than having it hide with other traffic which can make firewall rules a bit more annoying to craft, especially since I have rules in place already to block tons of DoH targets on my local network.

Thanks for your effort.

markusglaetzner commented 3 days ago

I can confirm that: with DoH there are no more error messages. I also hope that the problem with DoT can be solved quickly. Thanks in advance for your efforts :-)

ShreyasZare commented 2 days ago

@markusglaetzner @Saik0Shinigami Thanks for confirming that DoH is working. The update should be available in a day.

ShreyasZare commented 1 day ago

Technitium DNS Server v13.0.2 is now available that fixes this issue. Do update and let me know your feedback.