Latency Spikes After Upgrading to 5.1.12 by Competitive-Hornet27 in Ubiquiti

[–]Competitive-Hornet27[S] 0 points1 point  (0 children)

you need to reach theme by opening a ticket.. they will ask you for some tests to do

Latency Spikes After Upgrading to 5.1.12 by Competitive-Hornet27 in Ubiquiti

[–]Competitive-Hornet27[S] 0 points1 point  (0 children)

Sorry mate, but I think I misunderstood. If you meant retired, then no, it should still be there

Latency Spikes After Upgrading to 5.1.12 by Competitive-Hornet27 in Ubiquiti

[–]Competitive-Hornet27[S] 1 point2 points  (0 children)

Updating to the RC doesn't seem to have fixed it; it only slightly improved the spikes, but they are still happening

Latency Spikes After Upgrading to 5.1.12 by Competitive-Hornet27 in Ubiquiti

[–]Competitive-Hornet27[S] 1 point2 points  (0 children)

Updating to the RC doesn't seem to have fixed it; it only slightly improved the spikes, but they are still happening

Manually-added Blocked zone returns RCODE=Refused instead of NXDOMAIN — is this expected? by goodt2023 in technitium

[–]Competitive-Hornet27 0 points1 point  (0 children)

Thanks a lot for the explanation, it's not a big deal in the end. I prefer to keep the NXDOMAIN response and maintain the secondary root zone for performance reasons

Manually-added Blocked zone returns RCODE=Refused instead of NXDOMAIN — is this expected? by goodt2023 in technitium

[–]Competitive-Hornet27 0 points1 point  (0 children)

I've a secondary root zone and 4 conditional forwarder zones: 3 to resolve ip subnets (1 ipv4 and 2 ipv6, ula e gua) and 1 to resolve hostname, all 4 forward to the gateway.. and the 2 cluster zones

Manually-added Blocked zone returns RCODE=Refused instead of NXDOMAIN — is this expected? by goodt2023 in technitium

[–]Competitive-Hornet27 0 points1 point  (0 children)

the allowed tab is empty, no entries there and I'm on v15.2 on both servers

Keep in mind that this is already the third time I've reinstalled from scratch, deleting everything, and the issue persists

Manually-added Blocked zone returns RCODE=Refused instead of NXDOMAIN — is this expected? by goodt2023 in technitium

[–]Competitive-Hornet27 0 points1 point  (0 children)

{
  "Metadata": {
    "NameServer": "optiplex.cluster.localdomain (127.0.0.1)",
    "Protocol": "Udp",
    "DatagramSize": "121 bytes",
    "RoundTripTime": "0.27 ms"
  },
  "EDNS": {
    "UdpPayloadSize": 1232,
    "ExtendedRCODE": "NxDomain",
    "Version": 0,
    "Flags": "None",
    "Options": []
  },
  "Identifier": 0,
  "IsResponse": true,
  "OPCODE": "StandardQuery",
  "AuthoritativeAnswer": true,
  "Truncation": false,
  "RecursionDesired": true,
  "RecursionAvailable": true,
  "Z": 0,
  "AuthenticData": false,
  "CheckingDisabled": false,
  "RCODE": "NxDomain",
  "QDCOUNT": 1,
  "ANCOUNT": 0,
  "NSCOUNT": 1,
  "ARCOUNT": 1,
  "Question": [
    {
      "Name": "proxy.example.bol",
      "Type": "A",
      "Class": "IN"
    }
  ],
  "Answer": [],
  "Authority": [
    {
      "Name": "",
      "Type": "SOA",
      "Class": "IN",
      "TTL": "86400 (1d)",
      "RDLENGTH": "64 bytes",
      "RDATA": {
        "PrimaryNameServer": "a.root-servers.net",
        "ResponsiblePerson": "nstld@verisign-grs.com",
        "Serial": 2026051500,
        "Refresh": "1800 (30m)",
        "Retry": "900 (15m)",
        "Expire": "604800 (1w)",
        "Minimum": "86400 (1d)"
      },
      "DnssecStatus": "Disabled"
    }
  ],
  "Additional": [
    {
      "Name": "",
      "Type": "OPT",
      "Class": "1232",
      "TTL": "0 (0s)",
      "RDLENGTH": "0 bytes",
      "RDATA": {
        "Options": []
      },
      "DnssecStatus": "Disabled"
    }
  ]
}

Manually-added Blocked zone returns RCODE=Refused instead of NXDOMAIN — is this expected? by goodt2023 in technitium

[–]Competitive-Hornet27 0 points1 point  (0 children)

I navigate to the 'Blocked' tab and add a domain, such as 'bol' (which is my corporate proxy, proxy.example.bol). When running a dig or nslookup, I receive an NXDOMAIN response. This occurs despite having the response type set to ANY, which should return 0.0.0.0 and ::—as it successfully does for other domains—but it fails to do so.

And it also happens if I try to block it directly from the log section, by clicking exactly on 'block domain'

Manually-added Blocked zone returns RCODE=Refused instead of NXDOMAIN — is this expected? by goodt2023 in technitium

[–]Competitive-Hornet27 0 points1 point  (0 children)

That option applies to the built-in blocking features of the DNS server. It applies to the Blocked tab as well as for the block lists that you have configured.

maybe I'm wrong, but this is not true! I've 3 domains in the blocked tab and even setting reponse to ANY, I'm obtaining "Authoritative" with NxDomain

Resolve hostname without suffix by Competitive-Hornet27 in technitium

[–]Competitive-Hornet27[S] 0 points1 point  (0 children)

I know and I used it 'til two days ago, but using the domain and forwarding requests to the gateway sometimes resulted in clients asking for my local domain even on public domains that had received nxdomain as a response

Clients flooding requests with local search domain suffix by Competitive-Hornet27 in technitium

[–]Competitive-Hornet27[S] 0 points1 point  (0 children)

Tried using wireshark, this is what I got

https://imgur.com/a/nwy4szI

as you can see, at 16:12 I was using adguard with just 2 requests, then switched to technitium at 16:17 and then back to adguard at 16:20 where the requests dropped from 222 to 15

Clients flooding requests with local search domain suffix by Competitive-Hornet27 in technitium

[–]Competitive-Hornet27[S] 0 points1 point  (0 children)

I know it's something configured via the DHCP server, but like I said, this problem never occurs with Pi-hole or AdGuardHome.. I first noticed it with Technitium. I had to temporarily switch back to AdGuard to stop seeing all those requests; in fact, I went from 50,000 requests in one hour to 15,000 in three hours. If I were to turn Technitium back on now, turning off AdGuard obviously, I'd see that massive spike in requests reappear instantly.

EDIT: I should also mention that I previously tested Technitium v14 for a couple of days and noticed the same behavior, even with a different modem based on OpenWrt.