DOH, DOH/3, and DOQ all randomly stop accepting DNS queries... #1114
Comments
32bitx64bit
changed the title
|
Thanks for the post. The logs shared do not have any error log related to the issue you are mentioning. The errors in there are related to failure to resolve a specific domain name due to some network issues. I am not sure why this could happen since I have these deployed in production and its working well on Debian 12. I would suggest that you debug the issue when it occurs. To do that, you should first check if the service ports are open using If ports are open, try using the DNS Client tool on the admin panel to test if the DNS server responds over the selected protocol. Since these are encrypted DNS services, you will need to use the full DoH URL with the domain name used to generate the TLS certificate. To test DoH/3, use |
|
Alright I'll give it a shot |
|
Hm weird. All the UDP ports aren't listening anymore. That explains why protocols but TLS is failing. Would you happen to know anyway to fix this? |
If you do not see any port belonging to the DNS server listening then the server may have stopped working. Do post the output of command you ran so that I can understand it better. |
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name As for running DoQ DNS resolve it works fine on server. On my secondary separate server it gives a connection error. |
|
Thanks for the details. It looks like all the services ports are open indicating that DoH. DoT, DoQ, and plain DNS over TCP/UDP is all working. Try testing with the DNS Client tool on the admin panel and see if the service is responding to queries for all protocols. If you see an error anywhere, just check the DNS Logs on the admin panel and share the complete error log entry so that I will be able to understand the error better. |
It works just fine on server. No errors. |
Then it seems that the DNS server is working well but there is some network issue that you need to figure out. It could be an issue with Firewall on the server or on the network preventing clients from accessing those services. |
|
Not sure what the issue is, but I came here to report this bug. Logs currently provide no useful information; system, podman, container, or app - but I may not be looking in the right places. This graph demonstrates the issue occurring. Restarting the container resolves it temporarily, but it keeps happening at this point.
Edit: An important clarification - DNS resolutions is what stops functioning; the DoH/DoQ servers are live, they just do not respond to queries (and the DNS server does not respond on 53). |
|
Ima just upload a bunch of logs from my NA server to see if theirs any useful information, as this is deff a technitium issue, it happens on two separate VPS providers |
Thanks for the feedback. I am not sure what could be the issue since there was no significant change in the way the DNS server works in between 13.1 and current release. The change were a few bug fixes and other minor things that should not have any such effect. From the screenshot, it looks like you are hosting zones. Do you have any of the zones signed with DNSSEC? If yes, are you using NSEC3? |
Thanks for the logs. The errors in these logs are just related to network unreachable issue which means that the network was down and thus the DNS server failed to resolve domain names. Also, it seems you have enabled Prefer IPv6 option. Do you have IPv6 connectivity? If no, then disable that option since it will cause issues with resolution. |
Hi, currently having this weird issue where all but DoT will stop accepting DNS queries.
I'm on the latest technitium dns server build.
Running on Debian 12.
It only fixes itself when I restart the server completely.
2024-11-18(1).log
Here's the latest log if it helps.
The text was updated successfully, but these errors were encountered: