On 22/01/2021 02:14, Steve Hirsch wrote: > Hi Lonnie, > > > > I am also seeing an occasional “failed to send packet: Address family > not supported by protocol”. However, it is mostly “Network Unreachable” > and they are pretty continuous (much more than the 10 you have). > Dnscrypt is configured to use DoH to cloudflare servers. On my side, > doesn’t seem to be related to activity level…low levels of activity also > generates errors. > > > > *From: *Lonnie Abelbeck <mailto:li...@lonnie.abelbeck.com> > *Sent: *Thursday, January 21, 2021 6:42 PM > *To: *dnsmasq list <mailto:dnsmasq-discuss@lists.thekelleys.org.uk> > *Cc: *Steve Hirsch <mailto:stevehirsc...@msn.com> > *Subject: *Re: [Dnsmasq-discuss] v2.83 failed to send packet: Network is > unreachable > > > > > >> On Jan 21, 2021, at 5:53 PM, Steve Hirsch <stevehirsc...@msn.com> wrote: >> >> After upgrading dnsmasq from version 2.82 to version 2.83 on Arch > Linux (kernel 5.10.9), “failed to send packet: Network is unreachable” > errors continually show up. However, name resolution still appears to > work with v2.83. Downgrading back to v2.82, and the error messages go > away. Dnsmasq is configured to forward requests to dnscrypt-proxy via > server=::1#53000 and server=127.0.0.1#53000 lines in dnsmasq.conf. > Turning on log-queries and log-dhcp did not show anything unusual in the > log. >> >> This configuration has been running fine for over a year now, so I > don’t think it’s a configuration issue. Dnscrypt-proxy is running > version 2.0.45 (updated was on 1/6/2021). > > Hey Steve, I'm seeing something similar "failed to send packet" on my > setup that is new with 2.82 -> 2.83 . > > Like you, I am proxying via 127.0.0.1#2853, but with unbound performing > DNS-over-TLS. > > This box is my edge device with a fair amount of traffic, so the 10 > errors are not a lot in 24 hours, but would like to understand the > change with 2.83 . > > # grep dnsmasq /var/log/messages | grep -v dnsmasq-dhcp > -- > Jan 20 15:52:41 gw-lan daemon.info dnsmasq[3300]: started, version 2.83 > cachesize 4096 > Jan 20 15:52:41 gw-lan daemon.info dnsmasq[3300]: compile time options: > IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP > no-conntrack ipset auth no-nettlehash no-DNSSEC loop-detect inotify > no-dumpfile > Jan 20 15:52:41 gw-lan daemon.info dnsmasq-tftp[3300]: TFTP root is > /tftpboot > Jan 20 15:52:41 gw-lan daemon.info dnsmasq[3300]: using nameserver > 127.0.0.1#2853 > Jan 20 15:52:41 gw-lan daemon.info dnsmasq[3300]: using only > locally-known addresses for domain priv.abelbeck.com > Jan 20 15:52:41 gw-lan daemon.info dnsmasq[3300]: read /etc/hosts - 65 > addresses > Jan 21 04:27:43 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 13:14:00 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 13:14:00 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 13:14:01 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 13:14:01 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 13:14:01 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 13:14:01 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 14:12:22 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 15:37:30 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > Jan 21 15:37:30 gw-lan daemon.err dnsmasq[3300]: failed to send packet: > Address family not supported by protocol > -- > > In dnsmasq.conf I set: > -- > dns-forward-max=512 > -- > > So far, I'm not able to generate the "failed to send packet" manually by > flooding DNS requests and such. >
I've so far failed to generate a hypothesis as to what's causing this, given the set of changes 2.82->2.83 This error message is in the code path when a DNS query over UDP has been answered and the answer is being sent back over UDP to the original requestor. The obvious new code here is that multiple instances _of_the_same_query_ are now combined together, and when the answer appears, it's sent to all the requestors one after another. It may therefore be worth trying a flood of the _same_ query repeated. Cheers, Simon. Simon. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss