Show Posts
1
24.1 Legacy Series / Re: Firewall IP Aliases sporadically not being resolved
« on: February 10, 2024, 11:04:49 am »
Hi,
yeah my problem was with a firewall alias resolved by Unbound DNS,
the record A is on an external DNS duckdns.org (high latency), the problem occured when the DNS query took more than 5 seconds (but not always), probably timeout, in that case Unbound returned (0 addresses), after enabling Advanced > Serve Expired Responses, the problem was resolved; It could still fail on first DNS query after firewall restart / reboot (but for now no problems).
Here's my log, before:
2024-02-04T11:30:02 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.13 seconds
2024-02-04T11:24:06 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 5.48 seconds
2024-02-04T11:18:02 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.13 seconds
2024-02-04T11:12:05 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 5.45 seconds
2024-02-04T11:06:03 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 3.43 seconds
2024-02-04T11:00:05 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 5.48 seconds
2024-02-04T10:54:05 Notice firewall resolving 1 hostnames (0 addresses) for WAN_EXT took 5.45 seconds
2024-02-04T10:48:01 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.69 seconds
2024-02-04T10:42:05 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 4.95 seconds
2024-02-04T10:36:01 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.95 seconds
2024-02-04T10:30:04 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 3.75 seconds
2024-02-04T10:24:03 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.67 seconds
2024-02-04T10:18:04 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 4.36 seconds
2024-02-04T10:12:05 Notice firewall resolving 1 hostnames (0 addresses) for WAN_EXT took 5.13 seconds
2024-02-04T10:06:04 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 4.10 seconds
Here's my log after:
2024-02-10T09:46:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.28 seconds
2024-02-10T09:40:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:35:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:29:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:23:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:17:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:11:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:05:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T08:59:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T08:53:01 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.56 seconds
first query after reboot >>> 2024-02-10T08:47:49 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.17 seconds
Let me know if you need more info.
Thanks.
yeah my problem was with a firewall alias resolved by Unbound DNS,
the record A is on an external DNS duckdns.org (high latency), the problem occured when the DNS query took more than 5 seconds (but not always), probably timeout, in that case Unbound returned (0 addresses), after enabling Advanced > Serve Expired Responses, the problem was resolved; It could still fail on first DNS query after firewall restart / reboot (but for now no problems).
Here's my log, before:
2024-02-04T11:30:02 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.13 seconds
2024-02-04T11:24:06 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 5.48 seconds
2024-02-04T11:18:02 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.13 seconds
2024-02-04T11:12:05 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 5.45 seconds
2024-02-04T11:06:03 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 3.43 seconds
2024-02-04T11:00:05 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 5.48 seconds
2024-02-04T10:54:05 Notice firewall resolving 1 hostnames (0 addresses) for WAN_EXT took 5.45 seconds
2024-02-04T10:48:01 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.69 seconds
2024-02-04T10:42:05 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 4.95 seconds
2024-02-04T10:36:01 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.95 seconds
2024-02-04T10:30:04 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 3.75 seconds
2024-02-04T10:24:03 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.67 seconds
2024-02-04T10:18:04 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 4.36 seconds
2024-02-04T10:12:05 Notice firewall resolving 1 hostnames (0 addresses) for WAN_EXT took 5.13 seconds
2024-02-04T10:06:04 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 4.10 seconds
Here's my log after:
2024-02-10T09:46:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.28 seconds
2024-02-10T09:40:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:35:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:29:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:23:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:17:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:11:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T09:05:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T08:59:00 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.01 seconds
2024-02-10T08:53:01 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 0.56 seconds
first query after reboot >>> 2024-02-10T08:47:49 Notice firewall resolving 1 hostnames (1 addresses) for WAN_EXT took 2.17 seconds
Let me know if you need more info.
Thanks.