OPNsense
Messages - CJ

751
23.1 Legacy Series / localhost and arpa lookups in Unbound reporting
« on: March 07, 2023, 02:08:24 pm »
Is there a way to indicate in the reporting what process or task is making a DNS request?  I'm able to figure some of them out, such as Aliases containing old machine names, but often I have no idea why a query is happening.

In that same vein, what would be causing all of the arpa lookups?  I can see them being used if I have resolve hostnames turned on for something like the live firewall view, but outside of that I'm not sure why there are so many reverse lookups.


752
23.1 Legacy Series / Re: Dynamic DNS working - sort of
« on: March 07, 2023, 12:57:01 pm »
I'm not sure what you're asking in regards to the legacy plugin.  I never mentioned it.

No idea about a proxy flag.  I don't use Cloudflare.

753
23.1 Legacy Series / Re: Wireguard periodically hangs
« on: March 07, 2023, 12:47:13 pm »
Apparently I spoke too soon.  Now not even disconnecting and reconnecting is fixing the problem.

Additionally, it seems like I can access some things but not others.  For example, Google, Bing, and Reddit all work, but not DDG.

EDIT: Restarting the WG service seems to have fixed the issue for the time being.

754
23.1 Legacy Series / Re: Dynamic DNS working - sort of
« on: March 06, 2023, 06:20:53 pm »
ddclient is currently not working correctly for a lot of providers.  It's updating the IP, but not correctly parsing the success messages.

755
23.1 Legacy Series / Re: Unbound not caching results?
« on: March 06, 2023, 04:45:24 pm »
On a related note, do any of you know of documentation for Unbound statistics?  I seem to be getting a 50/50 hit/miss ratio and I'm trying to make sure I understand what it means before I change anything more.

I ask because I'm not sure where things like local-data and blocklists fall in the unbound statistics.

Additionally, I thought I'd have more prefetches.  I'm only seeing about 1%.

756
23.1 Legacy Series / Re: Adding or removing DHCP lease causes Unbound reporting to stop
« on: March 06, 2023, 04:19:12 pm »
Interesting.  I wonder if that's what happened to me.  I hadn't connected the two events but I did add static leases and I did have the reporting stop.

757
23.1 Legacy Series / Re: Unbound not caching results?
« on: March 06, 2023, 04:17:47 pm »
Quote from: Fright on March 06, 2023, 01:54:40 pm
You can dump the Unbound cache to a file to be sure the cache works and see current TTLs for the records.

I can see the records coming from the cache and the TTLs for them.  A lot of them, such as NTP servers, have a very short TTL and it expires by the time the next request comes along.  And that cycle just keeps repeating where several of my devices are making queries right after the TTL expires.

Quote from: cgone on March 06, 2023, 02:49:10 pm
Do not set "minimum ttl" too high. Some servers require requesting the "new" response.

Better to set "Serve Expired Responses", so the latency is still very low, but the cache is more accurate.

It's only set to 900 right now.  I considered increasing it to 3600 but I'm not sure I want to do that for exactly the reasons you mentioned.

I need to look into serve expired more.  I'm not familiar enough with how it works to decide if I want to use it yet.

758
23.1 Legacy Series / Re: Wireguard periodically hangs
« on: March 06, 2023, 04:13:13 pm »
Quote from: cardinal on March 06, 2023, 02:52:52 pm
The same thing happens to me, too. I can't seem to find the cause of it, though.

The WireGuard app on my mobile phone shows that I am connected but I am not able to do anything like, for example, visit a website or receive messages from any kind of messenger. When I disconnect the VPN everything works again. Sometimes I am not able to directly connect to the WireGuard server after I disconnected (I am not receiving any packages). I then have to wait for some time until it works again.

Interesting.  Connecting and immediately reconnecting works for me every time.  The mobile app will also not show any data being transmitted during the hung time.

Originally I just thought it was more of my ISP issues as they still haven't figured out their problem on their side.  But it's been a consistent issue ever since the upgrade.

759
23.1 Legacy Series / Wireguard periodically hangs
« on: March 06, 2023, 01:43:39 pm »
Since upgrading to 23.1.1_2 (I jumped straight there from 22.7), WireGuard will periodically hang.  Previously, I could go days without having to disconnect, and that included jumping from in network to outside of my network.

Now I have to turn wireguard off and then on again daily.  Unfortunately, it seems to always happen when I'm unable to check the logs to see what might be going on.

Any suggestions for what might be causing this?

760
23.1 Legacy Series / Re: The new unbound reporting is pretty cool
« on: March 05, 2023, 08:01:50 pm »
Is anyone only getting recursive results?  I have unbound configured to use DoT but every request in Details shows Recursion.

Is this a bug in reporting or is Unbound ignoring my DoT config?

761
23.1 Legacy Series / Re: Unbound not caching results?
« on: March 05, 2023, 07:54:04 pm »
Quote from: Fright on March 05, 2023, 06:42:27 pm
Quote
and TTL set to 900 seconds.
You mean "TTL for Host Cache entries"? It's not the RR cache.
If you need to force a long TTL then "Minimum TTL for RRsets and messages" should be used, imho.

That's what I ended up discovering and using.  I'm getting a lot more cache hits since I added that.

I also increased the cache disk size but I'm not sure if that made any difference.  The statistics don't list any cache details other than hits and misses.

762
23.1 Legacy Series / Unbound not caching results?
« on: March 05, 2023, 03:53:57 pm »
The new reporting has been illuminating a lot of things I never realized.

I believe I have Unbound mostly default configured.  Not everything lists what the default is so it's hard to tell.  I have the cache set to 10k hosts and TTL set to 900 seconds.

However, I'm seeing DNS requests in the reporting that are only a minute or two apart and the second request gets resolved via recursion and not the cache.

Looking at my statistics, I'm only at 10k queries, but half of them were cache misses.  I would have expected that to be higher.

Any ideas as to what I can check?

763
23.1 Legacy Series / Re: Unbound statistics client name resolution
« on: March 05, 2023, 02:54:43 pm »
Turns out I had some devices that weren't reporting hostnames to the dhcp server and that's why I was getting IPs in the reporting section.

764
23.1 Legacy Series / Re: Unbound statistics client name resolution
« on: March 04, 2023, 06:35:14 pm »
I just discovered something else.  I have domains that are showing in the top 10 passed section but don't show up when searching the details tab.

Is there a limit to how far back the details tab data goes?  I changed it from 100 to All but I still don't see those domains.

EDIT: Looks like the details tab has a 1000 record limit according to the other thread.  Hopefully the update to remove all the arpa entries will allow for easier details searching.

I do have one request.  Can we make the top blocked and allowed domains clickable like the clients are?  That would allow us to more easily see who and what is causing all of the queries.

765
23.1 Legacy Series / Unbound statistics client name resolution
« on: March 04, 2023, 06:27:59 pm »
First off, I just want to say thanks for the new statistics.  It's awesome and I've already discovered something I didn't realize previously.

Is there any logic as to why sometimes the clients resolve to DNS names and sometimes they don't?  I haven't noticed a pattern yet, but I am finding that some of my devices show just the IP in the statistics.
