On 11/08/2019 21:01, Dominic Preston wrote: > Hi, > > I have a fresh installation of Ubuntu 18.04 on Google Cloud Platform. > I have compiled the latest version of dnsmasq with the following > configuration: > > no-resolv > server=8.8.8.8 > conf-file=/usr/share/dnsmasq-base/trust-anchors.conf > dnssec > > I stop systemd-resolved, run dnsmasq and issue the following command: > > dig @127.0.0.1 pir.org > > After that there's a long pause, and the result comes back with the > following line at the top of dig: > > ;; Truncated, retrying in TCP mode. > > dnsmasq log says: > > dnsmasq: reducing DNS packet size for nameserver 8.8.8.8 to 1280 > > If I run this, dig comes back immediately with no pause and no TCP mode: > > dig @8.8.8.8 pir.org > > Any ideas why the first dig command has problems and the second dig > command is fine? > > Thanks in advance. >
It's likely that the MTU for the path from 8.8.8.8 to you it limited, and a reply for one of the queries needed to verify the query is getting dropped. Hence dnsmasq reduces the packet size to the more conservative 1280, and the query has to be done over TCP. It works fast the second time because the information you're asking for is cached by dnsmasq. Cheers, Simon. > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss