[Dnsmasq-discuss] TCP DNS requests fail with "communications error" / "end of file"
Simon Kelley
simon at thekelleys.org.uk
Wed Jul 22 12:46:06 BST 2020
On 20/07/2020 14:11, Jinn Ko wrote:
> Hi,
>
> While using dnsmasq as embedded in the pi-hole project I came across an issue with how TCP
> DNS requests are handled over Wireguard interfaces.
>
> A ticket was raised in the FTL project (https://github.com/pi-hole/FTL/issues/824) and the
> conclusion was that the issue is in dnsmasq. It seems the logic of determining the incoming
> interface fails and the connection is closed and reset before FTL can handle it, which seems
> to put the issue in the dnsmasq codebase.
>
> A key detail is that the Wireguard interface is configured with the same IP as the default
> interface, but with a more specific subnet mask. For example where eth0 has the default
> route it may be configured with 10.3.2.1/24, while the Wireguard interface would have the
> address 10.3.2.1/32. Having a different IP on the two interfaces does not cause any issues.
Is this something as simple as needing to have dnsmasq listening on both
eth0 and the wireguard interface?
Can you describe exactly what's going on around dnsmasq.c line 1815 and
in the loopback_exception() function, to cause client_ok to be set to
zero? I can't easily access your logging patches, and I don't have a
pihole installation, so I can't easily reproduce this or understand
exactly what the logging means. I'm interested in what interface_index
is returned from tcp_interface(), what interface name that translates
to, what interface indexes are in the daemon->interfaces linked list
that gets tested against, and if that test fails, what happens in
loopback_exception()
Cheers,
Simon
>
> See the above linked FTL ticket for how we came to the conclusion, along with PCAPs and
> custom logging output that was put in place to determine what is going wrong.
>
> How can I help get this resolved?
>
> Thanks,
> Jinn
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list