DEL nodes DNS Amplification like behaviour.
My ISP is AS24560 and I am using NextDNS as upstream in AdGuard Home.
I have noticed that when using any of the DEL nodes, `anexia-del-1` or `vultr-del-1`, with QUIC or with DoH3, after some time the server and local forwarder start exchanging more than 100 packets per second indefinitely, with my local forwarder sending no queries or a very low number of queries.
I have also verified this behaviour when changing the forwarder being used from AdGuard Home to Technitium and noticed the same thing.
Switching to other protocols such as DoH without HTTP3, or switching to other locations such as BLR, mitigates the issue.
So something is wrong with the HTTP3/QUIC implementation on DEL nodes.
https://nextdns.io/diag/04032b00-fa8b-11f0-b955-8db65d1a4e28
-
We run the exact same software/configuration in all locations. Nothing is special about DEL servers.
Can you please tell us more about this chatter? Are you able to share protocol level traces?
-
Hey, so I tried NextDNS again after a long time, specifically forcing DoH3 with the vultr-del-1 server using dnscrypt-proxy on the client side.
DNS stamps used:
- AgcAAAAAAAAAKFsyNDAxOmMwODA6MzQwMDoyZjc3OjU0MDA6NWZmOmZlMDg6MmZhY10AE2RvaDMuZG5zLm5leHRkbnMuaW8KL2Rucy1xdWVyeQ
- AgcAAAAAAAAADjEzOS44NC4xNzcuMTk2ABNkb2gzLmRucy5uZXh0ZG5zLmlvCi9kbnMtcXVlcnk
And yet again there is an exchange of more than 100 PPS with no DNS activity, as noticed with packet capture.
For reference, look at this short sample at the 28th second of the packet capture.
The same was noticed 5 months ago with AdGuard Home and Technitium on the client side.
There definitely is a problem with DEL servers.
What exact traces do you need and is there a private way to share those traces?
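
Added example (not part of the original posts): a decoder for the two DNS stamps quoted above, following the public DNS Stamps layout for DoH (protocol byte 0x02). It shows which server address, hostname and path each stamp pins the client to, which is the endpoint to look for in a packet capture; the function and field names are this example's own.

```python
import base64
import struct

# The two stamps exactly as posted above (the "sdns://" prefix is optional here).
STAMPS = [
    "AgcAAAAAAAAAKFsyNDAxOmMwODA6MzQwMDoyZjc3OjU0MDA6NWZmOmZlMDg6MmZhY10AE2RvaDMuZG5zLm5leHRkbnMuaW8KL2Rucy1xdWVyeQ",
    "AgcAAAAAAAAADjEzOS44NC4xNzcuMTk2ABNkb2gzLmRucy5uZXh0ZG5zLmlvCi9kbnMtcXVlcnk",
]
# Informal property bits in the 64-bit little-endian props field.
PROP_BITS = {1: "dnssec", 2: "no_logs", 4: "no_filter"}


def _field(buf, pos, mask=0xFF):
    """Read one length-prefixed field; return (data, next_pos, more_flag)."""
    if pos >= len(buf):
        raise ValueError("truncated stamp")
    length, more = buf[pos] & mask, bool(buf[pos] & ~mask & 0xFF)
    end = pos + 1 + length
    if end > len(buf):
        raise ValueError("truncated stamp")
    return buf[pos + 1:end], end, more


def decode_doh_stamp(stamp):
    """Decode a DoH stamp into its address, hostname, path and properties."""
    text = stamp[7:] if stamp.startswith("sdns://") else stamp
    raw = base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
    if len(raw) < 9 or raw[0] != 0x02:
        raise ValueError("not a DoH (0x02) stamp")
    (props,) = struct.unpack_from("<Q", raw, 1)
    addr, pos, _ = _field(raw, 9)
    hashes, more = [], True
    while more:  # hash set: high bit of the length byte means another follows
        item, pos, more = _field(raw, pos, mask=0x7F)
        hashes.append(item)
    host, pos, _ = _field(raw, pos)
    path, pos, _ = _field(raw, pos)
    return {
        "props": sorted(n for bit, n in PROP_BITS.items() if props & bit),
        "addr": addr.decode("ascii"),
        "cert_hashes": [h.hex() for h in hashes if h],
        "hostname": host.decode("ascii"),
        "path": path.decode("ascii"),
    }


if __name__ == "__main__":
    for s in STAMPS:
        print(decode_doh_stamp(s))
```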
