[Dnsmasq-discuss] Implications of raising dns-forward-max

[Buck Horn]

Hi Eric,

On 28.06.2023 03:35:38, "Eric Fahlgren" wrote:

>A couple posts on the OpenWrt forum have indicated that they are having 
>DNS issues that are resolved by raising the forward limit from 
>OpenWrt's default of 150 to 500.
>
>dns-forward-max=500
>
>Assuming that there are indeed a lot of queries going on 
>simultaneously, what does this affect?

Not wishing to disregard your assumption, and certainly not an answer, 
but still:
I have seen dnsmasq's 'Maximum number of concurrent DNS queries reached' 
popping up quite a few times, but I have yet to come across the 
necessity to increase dns-forward-max in a home usage scenario with a 
few dozens or so of active DNS clients.

Typically, dnsmasq's 'Maximum number of concurrent DNS queries reached' 
warning was prompted by either a DNS loop of sorts or by dnsmasq's 
upstream resolvers being unresponsive or inaccessible.

In both scenarios, increasing dns-forward-max would increase system 
resource consumption while doing nothing to address (or little more than 
glossing over) the original underlying issue.
For a DNS loop, it would just trigger the warning a tad bit later, while 
for slow upstreams, it may ocassionally allow dnsmasq to receive an 
answer before the last of the requests would start to wait for a 
time-out. No guarantees on the latter, though - only one additional 
client request may tip the balance to trigger the warning on the next 
occurrence.

Blindly increasing dns-forward-max without having analysed the actual 
issue does not seem to recommend itself as the best option available to 
me, even if it would turn out that actual resource impacts are minor.

Stopping or unconfiguring the DNS loop or switching to more reliable 
upstreams would seem more adequate measures to address the warning.

If you have actively been involved in investigating such an issue, it 
may be worth verifying those causes, if only to preclude them. ;)

Kind regards,
     Buck