Closed Potterli20 closed 11 months ago
Thanks for asking. The config looks good to me. Do you see any errors in the DNS logs?
It has been sent to your email
Thanks for the logs. I see the following error in it:
[2023-06-23 14:53:18 Local] DNS Server failed to resolve the request 'www.baidu.com. AAAA IN' using forwarders: 0.0.0.0:56, 0.0.0.0:57, 0.0.0.0:58, 0.0.0.0:59, 0.0.0.0:60, 0.0.0.0:56, 0.0.0.0:57, 0.0.0.0:58, 0.0.0.0:59, 0.0.0.0:60.
The above error means you had 0.0.0.0 address set as the forwarder addresses which is incorrect config.
[2023-06-23 14:50:55 Local] DNS Server failed to resolve the request 'apple.com. NS IN' using forwarders: 127.0.0.1:56, 127.0.0.1:57, 127.0.0.1:58, 127.0.0.1:59, 127.0.0.1:60, 127.0.0.1:56, 127.0.0.1:57, 127.0.0.1:58, 127.0.0.1:59, 127.0.0.1:60.
TechnitiumLibrary.Net.Dns.DnsClientNoResponseException: DnsClient failed to resolve the request 'apple.com. NS IN': request timed out.
In the above error, you have 127.0.0.1 addresses in the forwarder but they are not responding to requests in time. Try to increase the timeout value in Settings > Proxy & Forwarders section. Try checking if the forwarders that you have configured are indeed working well by querying them using the DNS Client tab on the DNS web panel.
It's normal for me to forward the configuration. It's just that it's not with such a configuration, but it's normal to use a file
Have you tested that those forwarders work using the DNS Client tool?
On the contrary, I have a problem now that I can't use TLS services, and I feel that there is no traffic access on the public network, and the intranet can be parsed
That's a separate problem which is unrelated to the forwarders not responding. You first need to check why the forwarders are not responding by querying them directly.
I seem to have figured out the problem
The log has been sent to your email. The image is upstream of my server
Again it seems to be an issue with your forwarders. They are returning REFUSED response code which is why you see all the query logs with REFUSED RCODE.
Also, you do not need to use both the UDP and TCP forwarders together. It's of no use to use TCP forwarders too when you have UDP ones configured.
Is there any way to use TCP and UDP at the same time?
There is no point in even trying to attempt that. Just use UDP in your config. If the response is big then automatically the protocol will switch to TCP for it.
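One way to query the forwarders directly from a shell, covering the timeout, REFUSED and UDP-to-TCP cases discussed above (an added example, not part of the original thread and not Technitium's code). The function names `build_query`, `parse_header` and `probe` are hypothetical, and the sketch handles IPv4 forwarders only.

```python
import os
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}
QTYPES = {"A": 1, "NS": 2, "AAAA": 28}

def build_query(name, qtype="A", txid=0x1234):
    """Encode a one-question DNS query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", QTYPES[qtype], 1)

def parse_header(msg):
    """Return (txid, rcode name, truncated flag, answer count) of a DNS message."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return txid, RCODES.get(flags & 0xF, str(flags & 0xF)), bool(flags & 0x0200), ancount

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("forwarder closed the TCP connection")
        buf += chunk
    return buf

def probe(host, port, name, qtype="A", timeout=2.0):
    """Query one forwarder over UDP; retry over TCP only when the reply is truncated."""
    if host in ("0.0.0.0", "::"):
        return "INVALID: unspecified address is not a usable forwarder"
    txid = int.from_bytes(os.urandom(2), "big")
    query = build_query(name, qtype, txid)
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.connect((host, port))  # connected UDP socket drops replies from other sources
            s.send(query)
            reply = s.recv(4096)
        rtxid, rcode, tc, ancount = parse_header(reply)
        if rtxid != txid:
            return "MISMATCH: reply transaction ID differs from the query"
        via = "UDP"
        if tc:  # TC bit set: the full answer is only available over TCP
            with socket.create_connection((host, port), timeout=timeout) as t:
                t.sendall(struct.pack("!H", len(query)) + query)
                (length,) = struct.unpack("!H", _recv_exact(t, 2))
                _, rcode, _, ancount = parse_header(_recv_exact(t, length))
            via = "TCP after truncated UDP reply"
        return f"{rcode} via {via}, answers={ancount}"
    except socket.timeout:
        return "TIMEOUT: no response"
    except (OSError, ValueError) as exc:
        return f"ERROR: {exc}"

if __name__ == "__main__":
    # Forwarder addresses as they appear in the logs quoted in this thread.
    for port in range(56, 61):
        print(f"127.0.0.1:{port}", probe("127.0.0.1", port, "apple.com", "NS"))
```

A forwarder that prints TIMEOUT or REFUSED here will produce the same result when the DNS server queries it, so the fault lies upstream of the DNS server's own settings.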
The first time there is no request, the second time there is a request, the cache is also set, there will be no request problem
Okay, okay, I get it
This diary was just tested 2023-06-24(1).log
This diary belongs to the dot server 2023-06-24(2).log
The first time there is no request, the second time there is a request, the cache is also set, there will be no request problem
In this case, if forwarder does not respond in time then the DNS server will return ServerFailure response after timeout.
The transponder responds in time, but the DnsServer does not respond in time. I also set the cache, and it didn't work
This diary was just tested 2023-06-24(1).log
TechnitiumLibrary.Net.Dns.DnsClientNoResponseException: DnsClient failed to recursively resolve the request 'connect.rom.miui.com. A IN': no response from name servers [ns4.dnsv5.com ([2402:4e00:1020:1250:0:983e:3bb8:54bb]), ns4.dnsv5.com (223.166.151.126), ns4.dnsv5.com (183.47.126.155), ns4.dnsv5.com (106.55.82.76), ns4.dnsv5.com (183.192.164.119), ns4.dnsv5.com (1.12.0.16), ns4.dnsv5.com (1.12.0.19), ns4.dnsv5.com (117.89.178.200), ns3.dnsv5.com ([2402:4e00:1430:11f9:0:983e:2e27:2604]), ns3.dnsv5.com (61.151.180.51), ns3.dnsv5.com (1.12.0.17), ns3.dnsv5.com (36.155.149.211), ns3.dnsv5.com (1.12.0.18), ns3.dnsv5.com (1.12.0.20), ns3.dnsv5.com (223.166.151.16), ns3.dnsv5.com (49.234.175.103)].
---> System.Net.Sockets.SocketException (101): Network is unreachable
There seems to be some kind of network issue causing this error.
This diary belongs to the dot server 2023-06-24(2).log
TechnitiumLibrary.Net.Dns.DnsClientNoResponseException: DnsClient failed to recursively resolve the request 'staging.security.browser.miui.com. AAAA IN': no response from name servers [ns4.dnsv5.com ([2402:4e00:1020:1250:0:983e:3bb8:54bb]), ns3.dnsv5.com ([2402:4e00:1430:11f9:0:983e:2e27:2604]), ns3.dnsv5.com (223.166.151.16), ns4.dnsv5.com (1.12.0.16), ns4.dnsv5.com (1.12.0.19), ns4.dnsv5.com (183.47.126.155), ns4.dnsv5.com (117.89.178.200), ns3.dnsv5.com (1.12.0.17), ns4.dnsv5.com (106.55.82.76), ns3.dnsv5.com (1.12.0.20), ns3.dnsv5.com (36.155.149.211), ns3.dnsv5.com (49.234.175.103), ns3.dnsv5.com (61.151.180.51), ns4.dnsv5.com (223.166.151.126), ns4.dnsv5.com (183.192.164.119), ns3.dnsv5.com (1.12.0.18)].
---> System.Net.Sockets.SocketException (101): Network is unreachable
Same network issue here. You need to check if there are intermittent connectivity issues on the server. If it's a wired network then check the cables since loose cables can cause such issues.
The network is connected (https://connect.rom.miui.com) the curl -I -v, the upstream also
In this case, if forwarder does not respond in time then the DNS server will return ServerFailure response after timeout.
The transponder responds in time, but the DnsServer does not respond in time. I also set the cache, and it didn't work
If the forwarder responded in time then the DNS server will immediately respond to the original request. If you think this is not happening then run tcpdump on the server to capture packets and test it again.
The reason for this is "failure cache". If the DNS server does not get a response from the forwarder in time then it will cache it as a "failure" for 60 seconds by default. After that if you run the above test then the forwarder will seem like it's responding but the DNS server will return ServerFailure from its cache.
If this is happening frequently then you need to increase the forwarder timeout values and also reduce the Failure TTL value in Settings > Cache section.
I set it that way but it didn't work
You need to reset all the cache settings to default values and keep Cache Failure TTL to 10 sec. The current values you have are causing you issues.
All these are important and if they are not configured correctly then you will frequently see ServerFailure responses.
No, that is not correct json syntax. For adding two files, you will need to create two json objects as shown below:
"adguardUpstreams": [
  {
    "dnssecValidation": true,
    "configFile": "/root/dns-apple.txt"
  },
  {
    "dnssecValidation": true,
    "configFile": "/root/domain-full.txt"
  }
]
I have found that part of the dns file has not taken effect, but it has to cooperate with the Forwarders. I don't know why
You can't completely take over the Forwarders function, or rely on the Forwarders function to set upstream
When you have forwarders configured, the DNS server will totally rely on it and will just act as a caching server.
Is there any way to rely on the Forwarders feature to set upstream? I already have a DNS upstream server in my dns file, and I don't want to set up Forwarders else
It already relies on the forwarders that you have configured.
Actually, I don't want to rely on another repeater, it takes up too much memory. My DNS file is about 350m in size. That's why I didn't want to use another transponder
You can operate the DNS server only in two modes: recursive resolver, or forwarder. If you do not configure any forwarder then it will work as a recursive resolver.
Which DNS file are you talking about?
I want to use the dns file as the forwarder file so that I don't have to configure the upstream of Forwarders
That adguard file will be used as forwarders. It's one and the same thing. Either you configure forwarders in the app's config or you use the adguard file format. Internally, the DNS server is going to work the same way.
My DNS file is based on the adguard format, but I don't know why I need external forwarders to use DNS files, my DNS file already has a DNS upstream server
Yes, you do not need to define any extra forwarders anywhere else. The forwarders in the adguard file that you have will be used.
However, the problem is that I configured some domain names to resolve normally, and some domain names did not resolve but slowed down, as if they did not completely take over the Forwarders function, and needed Forwarders and configuration files to work together.
What do you mean when you say you want some domain names to resolve "normally"?
There is absolutely no difference between the forwarders you have in the adguard config or the forwarders you configure in the app's json config. Internally they are one and the same. The adguard config is just read by the app and it uses the forwarders in that file just like how the app uses the forwarders defined in the json config.
It's strange, I don't configure Forwarders upstream on my side, some domain names cannot be resolved, and all of the upstream of configured Forwarders can be resolved. I'll find a time to record a video for you. I don't know how to tell it to you either😭
Instead of video, just create a small sample adguard config with just 1 or 2 domain names in it and try to reproduce the problem. Then share the config and how to test it so that I can also test it on my setup.
Oh, by the way, writing local upstream such as 127.0.0.1:54 in a dns file does not work. It is also the upstream of configuring Forwarders to take effect
I first use the dnsproxy program as the forwarder, and dns forwards to pihole as the upstream service, ports 54-55 respectively. Finally, the DOT service uses the dnsproxy program to forward the pihole port: 53, and the dnsproxy service port is 56-60, but the dot service forwards it with dns files, which is not effective.
Create a sample adguard config file with single upstream and test it once. If you are able to reproduce the issue then share the sample adguard config file so that I can try to reproduce the issue on my setup.
This is the configuration, pure IP file https://github.com/TechnitiumSoftware/DnsServer/issues/669#issuecomment-1605471391
{
  "enableForwarding": true,
  "networkGroupMap": {
    "0.0.0.0/0": "everyone,",
    "[::]/0": "everyone,"
  },
  "groups": [
    {
      "name": "everyone",
      "enableForwarding": true,
      "adguardUpstreams": [
        {
          "configFile": "/root/dns-local-127.0.0.1.txt"
        }
      ]
    }
  ]
}
I tested the exact same config that you have on my local test setup and it's working as expected without any issues.
It's so strange, I write local dns with a file, my configuration file does not take effect, even if the cache is cleaned, it does not work, and it takes effect only when I write forwarders
He has a request, but does not parse the IP when using dig
Is there a problem with this configuration file?
{
  "enableForwarding": true,
  "forwarders": [
    {
      "name": "local-tcp",
      "dnssecValidation": true,
      "forwarderProtocol": "tcp",
      "forwarderAddresses": [
        "127.0.0.1:56",
        "127.0.0.1:57",
        "127.0.0.1:58",
        "127.0.0.1:59",
        "127.0.0.1:60"
      ]
    },
    {
      "name": "local-udp",
      "dnssecValidation": true,
      "forwarderProtocol": "udp",
      "forwarderAddresses": [
        "127.0.0.1:56",
        "127.0.0.1:57",
        "127.0.0.1:58",
        "127.0.0.1:59",
        "127.0.0.1:60"
      ]
    }
  ],
  "networkGroupMap": {
    "0.0.0.0/0": "everyone",
    "[::]/0": "everyone"
  },
  "groups": [
    {
      "name": "everyone",
      "enableForwarding": true,
      "forwardings": [
        {
          "forwarders": [
            "local-tcp",
            "local-udp"
          ],
          "domains": [
            "*"
          ]
        }
      ]
    }
  ]
}