lwip udp handles for dns queries are retained for 5 seconds

[scareything]

client connections for inbound dns queries are never explicitly closed. eventually (after 5s) the udp timeout callback closes the connection but that can lead to temporary pcbs exhaustion when dns queries are coming in quickly enough (e.g. 50-100/sec).

[2022-10-04T17:29:37.230Z]   TRACE tunnel-sdk:tunnel_udp.c:175 recv_udp() received datagram 100.64.0.2:56324->100.64.0.2:53
[2022-10-04T17:29:37.230Z]   DEBUG tunnel-sdk:tunnel_udp.c:251 recv_udp() intercepted address[udp:100.64.0.2:53] client[udp:100.64.0.1:56324] service[ziti:dns-resolver]
[2022-10-04T17:29:37.230Z]   DEBUG tunnel-cbs:ziti_dns.c:211 on_dns_client() new DNS client
[2022-10-04T17:29:37.230Z]   DEBUG tunnel-sdk:ziti_tunnel.c:219 ziti_tunneler_dial_completed() ziti dial succeeded: client[udp:100.64.0.1:56324] service[ziti:dns-resolver]
...
[2022-10-04T17:29:42.283Z]   TRACE tunnel-cbs:ziti_dns.c:221 on_dns_close() DNS client close
[2022-10-04T17:29:42.283Z]   DEBUG tunnel-sdk:ziti_tunnel.c:431 ziti_tunneler_close() closing connection: client[udp:100.64.0.1:56324] service[ziti:dns-resolver]
[2022-10-04T17:29:42.283Z]   DEBUG tunnel-sdk:tunnel_udp.c:112 tunneler_udp_close() closing ziti:dns-resolver session
[2022-10-04T17:29:42.283Z]   TRACE tunnel-cbs:ziti_dns.c:221 on_dns_close() DNS client close

[scareything]

This will lead to intermittent

recv_udp() unable to allocate UDP pcb - UDP connection limit is 512

errors when too many queries are being handled.