ahhzee
n00b
Joined: 16 Jul 2021
Posts: 8
|
 Posted: Fri Oct 29, 2021 6:43 pm Post subject: DNSmasq + DNSCrypt-Proxy fails to return an IP |
 |
|
I have a setup of dnsmasq passing to dnscrypt-proxy passing to a few public dnssec servers
An issue I recently started having is some websites not returning IP addresses on the first try, but getting it on every following attempt
The stack works like this:
- dnsmasq on 127.0.0.1:53 for caching dns
- dnsmasq then points to 127.0.0.1:5300 for dnscrypt-proxy
- dnscrypt points to some misc dns servers
I believe the queries are failing on step 2, dnsmasq to dnscrypt, and have tried to capture logs from both.
Here is an example of erroring in the syslog:
| Code: |
Oct 29 12:49:26 localhost dnsmasq[1995]: query[A] yewtu.be from 127.0.0.1
Oct 29 12:49:26 localhost dnsmasq[1995]: forwarded yewtu.be to 127.0.0.1
Oct 29 12:49:26 localhost dnsmasq[1995]: dnssec-query[DS] be to 127.0.0.1
Oct 29 12:49:26 localhost dnsmasq[1995]: reply be is DS keytag 52756, algo 8, digest 2
Oct 29 12:49:26 localhost dnsmasq[1995]: reply be is DS keytag 12664, algo 8, digest 2
Oct 29 12:49:26 localhost dnsmasq[1995]: dnssec-query[DS] yewtu.be to 127.0.0.1
Oct 29 12:49:31 localhost dnsmasq[1995]: query[A] yewtu.be from 127.0.0.1
Oct 29 12:49:31 localhost dnsmasq[1995]: dnssec retry to 127.0.0.1
Oct 29 12:49:32 localhost dnsmasq[1995]: query[A] yewtu.be from 127.0.0.1
Oct 29 12:49:32 localhost dnsmasq[1995]: dnssec retry to 127.0.0.1
Oct 29 12:49:37 localhost dnsmasq[1995]: query[A] yewtu.be from 127.0.0.1
Oct 29 12:49:37 localhost dnsmasq[1995]: dnssec retry to 127.0.0.1
|
Tested on qutebrowser.
After a refresh it connects normally
I've tried to collect more failed logs and will edit with anything I get.
This is a new error I've never experienced before. |
|
Networking & Security
