TLS Connection Failures - Stubby

I’m seeing connection failures between Stubby and NextDNS that I haven’t seen before, causing lookup timeouts and excessive connections to the service. Plain DNS works very well. Cloudflare and other DoT providers work well on Stubby, which leads me to think it’s a NextDNS issue. I cannot get the diagnostic tool to successfully look up nextdns.io while using Stubby but can run when not connected.

Looking for any insight or assistance. 

Version: Stubby 0.4.0 on FreshTomato

daemon.info stubby[20713]: 45.90.28.0 : Upstream : TLS - Resps= 26, Timeouts = 10, Best_auth =Success - with occasional SERVFAIL from dnsmasq

config

resolution_type: GETDNS_RESOLUTION_STUB
dns_transport_list:
  - GETDNS_TRANSPORT_TLS
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
tls_query_padding_blocksize: 256
edns_client_subnet_private: 0
idle_timeout: 9000
tls_connection_retries: 5
tls_backoff_time: 900
timeout: 2000
round_robin_upstreams: 1
tls_min_version: GETDNS_TLS1_3
listen_addresses:
  - 127.0.0.1@5453
  - 0::1@5453
upstream_recursive_servers:
  - address_data: 45.90.28.0
    tls_auth_name: "xxxxxx.dns1.nextdns.io"
  # etc

Will message diag privately on request. 

52 replies

    • firstlast
    • 2 yrs ago

    I'm back to seeing similar behaviour now. Are other stubby users experiencing a regression?

    Thanks!

      • Gordon_Freeman
      • 2 yrs ago

      firstlast seems to be running pretty well the last few days, I don't trust it 🤔🤨

    • RandomThing223
    • 11 mths ago

    Issue is still here, unreliable with Asus stock 388 firmware, switch to any other TLS DNS and it's fine.
    Major issues with NextDNS and Asus.

  • Status: Fixed
  • 1 Likes
  • Last active 11 mths ago
  • 52 Replies
  • 1549 Views
  • 9 Following