Timeouts on DoH with a Mikrotik device

Hello!

I've been using DoH with AX3 for more than 6 months, and recently started experiencing issues with DNS resolution - timeouts and failures. Here's what it looks like in logs:

 13:21:22 dns,warning DoH max concurrent queries reached, ignoring query
 13:21:22 dns,warning DoH max concurrent queries reached, ignoring query [ignoring repeated messages]
 13:21:24 dns,error DoH server connection error: Idle timeout - waiting data
 13:21:25 dns,error DoH server connection error: Idle timeout - connecting
 13:21:28 dns,warning DoH max concurrent queries reached, ignoring query
 13:21:28 dns,warning DoH max concurrent queries reached, ignoring query [ignoring repeated messages]
 13:21:28 dns,error DoH server connection error: SSL: internal error (6)
 13:21:28 dns,warning DoH max concurrent queries reached, ignoring query
 13:21:28 dns,error DoH server connection error: SSL: internal error (6)
 13:21:28 dns,error DoH server connection error: SSL: internal error (6) [ignoring repeated messages]
 13:21:30 dns,warning DoH max concurrent queries reached, ignoring query
 13:21:31 dns,error DoH server connection error: SSL: internal error (6)
 13:21:31 dns,warning DoH max concurrent queries reached, ignoring query
 13:21:31 dns,warning DoH max concurrent queries reached, ignoring query [ignoring repeated messages]
 13:21:33 dns,error DoH server connection error: Idle timeout - connecting
 13:21:33 dns,error DoH server connection error: Idle timeout - connecting [ignoring repeated messages]
 13:21:33 dns,error DoH server connection error: SSL: internal error (6)
 13:21:34 dns,error DoH server connection error: SSL: internal error (6) [ignoring repeated messages]
 13:21:35 dns,error DoH server connection error: Idle timeout - connecting
 13:21:36 dns,warning DoH max concurrent queries reached, ignoring query
 13:21:36 dns,warning DoH max concurrent queries reached, ignoring query [ignoring repeated messages]
 13:21:38 dns,error DoH server connection error: Idle timeout - connecting
 13:21:40 dns,error DoH server connection error: SSL: internal error (6)
 13:21:41 dns,error DoH server connection error: Idle timeout - connecting
 13:21:43 dns,error DoH server connection error: Idle timeout - connecting [ignoring repeated messages]
 13:30:47 dns,error DoH server connection error: Idle timeout - connecting
 13:30:57 dns,error DoH server connection error: Idle timeout - connecting

My ISP does not do any filtering of the traffic, and when using my ISP's DNS servers or 8.8.8.8 everything works just fine. There are no issues visiting regular HTTPS websites either.

I'm on the latest ROS, 7.11.2. My DNS configuration:

 /ip/dns> print
                      servers: 8.8.8.8,1.1.1.1
              dynamic-servers: 192.168.1.1
               use-doh-server: https://dns.nextdns.io/ID_HERE/mt-g
              verify-doh-cert: yes
   doh-max-server-connections: 10
   doh-max-concurrent-queries: 50
                  doh-timeout: 10s
        allow-remote-requests: yes
          max-udp-packet-size: 4096
         query-server-timeout: 6s
          query-total-timeout: 15s
       max-concurrent-queries: 150
  max-concurrent-tcp-sessions: 30
                   cache-size: 3048KiB
                cache-max-ttl: 1w
      address-list-extra-time: 0s
                   cache-used: 121KiB

What can I do to troubleshoot that? 

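One way to triage a log like the one in the post, added here as an example and not part of the original post or of RouterOS: it sorts each DoH message by the phase that failed (query dropped, connect timeout, response timeout, TLS error) and groups the events into bursts. The phase names, the 60-second burst gap, and the assumption that all lines fall within one day are choices made for this example.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Message substrings as they appear in the posted log, mapped to example phase names.
PHASES = [
    ("max concurrent queries reached", "query_dropped"),
    ("Idle timeout - connecting", "connect_timeout"),
    ("Idle timeout - waiting data", "response_timeout"),
    ("SSL:", "tls_error"),
]
LINE = re.compile(r"^\s*(\d\d:\d\d:\d\d)\s+dns,(\w+)\s+(.*)$")

def parse(lines):
    """Yield (time, phase, repeated) per DoH line; repeated = collapse marker present."""
    for raw in lines:
        m = LINE.match(raw)
        if not m or "DoH" not in m.group(3):
            continue
        msg = m.group(3)
        phase = next((p for key, p in PHASES if key in msg), "other")
        yield (datetime.strptime(m.group(1), "%H:%M:%S"), phase,
               msg.endswith("[ignoring repeated messages]"))

def incidents(lines, gap=timedelta(seconds=60)):
    """Group events into bursts separated by more than `gap` of silence."""
    out = []
    for ts, phase, repeated in parse(lines):
        if not out or ts - out[-1]["end"] > gap:
            out.append({"start": ts, "end": ts, "counts": Counter(), "collapsed": 0})
        cur = out[-1]
        cur["end"] = ts
        cur["counts"][phase] += 1
        cur["collapsed"] += repeated  # each marker hides an unknown number of repeats
    return out

# Excerpt of the log lines posted above, embedded so the script runs offline.
SAMPLE = """\
 13:21:22 dns,warning DoH max concurrent queries reached, ignoring query
 13:21:22 dns,warning DoH max concurrent queries reached, ignoring query [ignoring repeated messages]
 13:21:24 dns,error DoH server connection error: Idle timeout - waiting data
 13:21:25 dns,error DoH server connection error: Idle timeout - connecting
 13:21:28 dns,error DoH server connection error: SSL: internal error (6)
 13:30:47 dns,error DoH server connection error: Idle timeout - connecting
 13:30:57 dns,error DoH server connection error: Idle timeout - connecting
""".splitlines()

if __name__ == "__main__":
    for inc in incidents(SAMPLE):
        print(inc["start"].time(), inc["end"].time(), dict(inc["counts"]), inc["collapsed"])
```

Because RouterOS collapses repeats into a single marker line, the per-phase counts are lower bounds; the `collapsed` figure shows how many such markers each burst contains.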