It turns out that, after sending the stale cache entry to the client (macOS), dnsmasq tries
to query upstream, but this time it is sending a malformed packet:

    Queries
        api.github.com: type A, class IN
            Name: api.github.com
            [Name Length: 14]
            [Label Count: 3]
            Type: A (Host Address) (1)
            Class: IN (0x0001)
    Additional records
    [Malformed Packet: DNS]
        [Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
            [Malformed Packet (Exception occurred)]
            [Severity level: Error]

and all the rest of the queries are sent to upstream like that.

Notice: only reproducible if the client is macOS and the upstream is a DoH/DoT
proxy like adguard/dnsproxy.


On Mon, May 1, 2023 at 03:42 Justin <cattyho...@gmail.com> wrote:

> Hello devs
>
> In order to use DOH/DOT, a proxy upstream is configured. When dnsmasq
> enables use-stale-cache, some upstreams may return an error when dnsmasq tries
> to refresh the record from upstream after the stale cache is sent to the client.
>
> I reported the issue here in the dnsproxy project, as this is the DOH proxy I
> am currently using. However, I've tried many other Go/Rust DOH proxies
> (namely doh-client, dns-over-https, dnss, cloudflared); they all return
> an error when dnsmasq tries to refresh the record.
>
> https://github.com/AdguardTeam/dnsproxy/issues/328
>
> Only reproducible if the requesting client is macOS and the upstream is
> a DOH proxy; Linux does not have this issue. Using a UDP upstream like
> 1.1.1.1 does not have this issue either.
>
> Hope you could take a look at the issue posted.
>
-- 

Regards
Justin He