[Dnsmasq-discuss] TCP DNS requests fail with "communications error" / "end of file"

Geert Stappers stappers at stappers.nl
Mon Jul 20 17:17:36 BST 2020


On Mon, Jul 20, 2020 at 02:11:17PM +0100, Jinn Ko wrote:
> Hi,
> 
> While using dnsmasq as embedded in the pi-hole project I came across an issue with how TCP
> DNS requests are handled over Wireguard interfaces.
> 
> A ticket was raised in the FTL project (https://github.com/pi-hole/FTL/issues/824) and the
> conclusion was that the issue is in dnsmasq.  It seems the logic of determining the incoming
> interface fails and the connection is closed and reset before FTL can handle it, which seems
> to put the issue in the dnsmasq codebase.
> 
> A key detail is that the Wireguard interface is configured with the same IP as the default
> interface, but with a more specific subnet mask.  For example where eth0 has the default
> route it may be configured with 10.3.2.1/24, while the Wireguard interface would have the
> address 10.3.2.1/32.  Having a different IP on the two interfaces does not cause any issues.
> 
> See the above linked FTL ticket for how we came to the conclusion, along with PCAPs and
> custom logging output that was put in place to determine what is going wrong.
> 
> How can I help get this resolved?

I can't tell.
Thing I can tell is that is does help 
to reproduce the TCP DNS request issues outside the pi-hole project.


Regards
Geert Stappers
-- 
Silence is hard to parse



More information about the Dnsmasq-discuss mailing list