Open collinbarrett opened 4 years ago
Did this ever get resolved?
I see an option in next-dns called "cache boost" which when enabled forces a ttl of 300 on all responses - did this address caching of blocked resources, or only allowed resources?
I just tested this - I used the "neg-ttl=300" flag - I haven't tested without it yet. Firmware: [DD-WRT v3.0-r53221 std (07/08/23)]
DD-WRT using dnsmasq with neg-ttl=300 and upstream next-dns was successful at caching blocked responses:
first query - hit next-dns:
```
; <<>> DiG 9.10.6 <<>> 1dmp.io
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64503
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; OPT=15: 00 11 42 6c 6f 63 6b 65 64 20 62 79 20 4e 65 78 74 44 4e 53 ("..Blocked by NextDNS")
;; QUESTION SECTION:
;1dmp.io. IN A

;; ANSWER SECTION:
1dmp.io. 300 IN A 0.0.0.0

;; Query time: 17 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sat Jul 15 14:38:22 AEST 2023
;; MSG SIZE rcvd: 76
```
repeat query - hit cache on router:
```
; <<>> DiG 9.10.6 <<>> 1dmp.io
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11913
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1dmp.io. IN A

;; ANSWER SECTION:
1dmp.io. 154 IN A 0.0.0.0

;; Query time: 0 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sat Jul 15 14:40:48 AEST 2023
;; MSG SIZE rcvd: 52
```
Nice.
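An added example (not posted by anyone in this thread) that checks the two dig outputs above mechanically: it decodes the OPT=15 Extended DNS Error per RFC 8914 and confirms that the TTL on the repeat answer dropped by exactly the wall-clock time between the two queries, which is what a local cache hit looks like. The function names are hypothetical, and the check assumes the upstream hands out the same TTL (300 here) on every fresh answer.

```python
import re
from datetime import datetime

# Constructed sample input: the relevant lines of the two dig outputs above.
FIRST = """\
; OPT=15: 00 11 42 6c 6f 63 6b 65 64 20 62 79 20 4e 65 78 74 44 4e 53 ("..Blocked by NextDNS")
1dmp.io. 300 IN A 0.0.0.0
;; WHEN: Sat Jul 15 14:38:22 AEST 2023
"""
REPEAT = """\
1dmp.io. 154 IN A 0.0.0.0
;; WHEN: Sat Jul 15 14:40:48 AEST 2023
"""

# RFC 8914 info-codes a filtering resolver may return.
EDE_NAMES = {15: "Blocked", 16: "Censored", 17: "Filtered", 18: "Prohibited"}

def parse(dig_text):
    """Extract answer TTL/address, the WHEN timestamp and any EDE option from dig output."""
    ans = re.search(r"^(\S+)\s+(\d+)\s+IN\s+A\s+(\S+)", dig_text, re.M)
    when = re.search(r"WHEN: \w+ (\w+ \d+ [\d:]+) \w+ (\d{4})", dig_text)
    ede = re.search(r"OPT=15: ((?:[0-9a-f]{2} ?)+)", dig_text)
    out = {"ttl": int(ans.group(2)), "addr": ans.group(3), "ede": None,
           "when": datetime.strptime(" ".join(when.groups()), "%b %d %H:%M:%S %Y")}
    if ede:
        raw = bytes.fromhex(ede.group(1).replace(" ", ""))
        # Option data layout: 2-byte INFO-CODE, then optional UTF-8 EXTRA-TEXT.
        code = int.from_bytes(raw[:2], "big")
        out["ede"] = (code, EDE_NAMES.get(code, "other"), raw[2:].decode("utf-8"))
    return out

def served_from_cache(first, repeat, slack=2):
    """True if the repeat TTL equals the first TTL minus elapsed seconds (+/- slack)."""
    elapsed = (repeat["when"] - first["when"]).total_seconds()
    expected = first["ttl"] - elapsed
    return repeat["addr"] == first["addr"] and abs(repeat["ttl"] - expected) <= slack

if __name__ == "__main__":
    a, b = parse(FIRST), parse(REPEAT)
    print("EDE on first answer:", a["ede"])
    print("EDE on repeat answer:", b["ede"])
    print("repeat served from cache:", served_from_cache(a, b))
```

The repeat answer carries no OPT=15, so a client that only sees the cached reply gets the 0.0.0.0 address without the "Blocked by NextDNS" explanation.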
I never solved it. I'll give your solution a whirl at some point.
See here: