[Dnsmasq-discuss] DNSSEC slow query / TCP/ truncated issue
lzqhwo at gmail.com
Mon Aug 12 13:35:05 BST 2019
I retried it, this time leaving systemd-resolved alone and setting
dnsmasq to listen on a different port. Same result though, when
querying pir.org I get a long pause followed by a TCP / truncated dig
~$ dig -p 5353 @127.0.0.1 pir.org
;; Truncated, retrying in TCP mode.
dnsmasq: reducing DNS packet size for nameserver 220.127.116.11 to 1280
Does anyone here have a Google Cloud account they could test this
with? Queries forwarded to 18.104.22.168 with dnssec enabled?
On Mon, 12 Aug 2019 at 13:21, Geert Stappers <stappers at hendrikx-itc.nl> wrote:
> On 11-08-2019 22:01, Dominic Preston wrote:
> > Hi,
> > I have a fresh installation of Ubuntu 18.04 on Google Cloud Platform.
> > I have compiled the latest version of dnsmasq with the following
> > configuration:
> > no-resolv
> > server=22.214.171.124
> > conf-file=/usr/share/dnsmasq-base/trust-anchors.conf
> > dnssec
> > I stop systemd-resolved, run dnsmasq and issue the following command:
> > dig @127.0.0.1 pir.org
> > After that there's a long pause, and the result comes back with the
> > following line at the top of dig:
> > ;; Truncated, retrying in TCP mode.
> > dnsmasq log says:
> > dnsmasq: reducing DNS packet size for nameserver 126.96.36.199 to 1280
> > If I run this, dig comes back immediately with no pause and no TCP mode:
> > dig @188.8.131.52 pir.org
> > Any ideas why the first dig command has problems and the second dig
> > command is fine?
> How to stack systemd-resolved and dnsmasq is something britle. I
> took me several attempts. None of the attempts had `reducing DNS packet
> size`. Feel free to report your milage.
> Geert Stappers
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
More information about the Dnsmasq-discuss