sniproxy icon indicating copy to clipboard operation
sniproxy copied to clipboard
verified publisher icon mosajjal

The DNS server stops working every couple of hours

Open ElliottDCooper opened this issue 2 years ago • 7 comments

The DNS server stops working every couple of hours (does not respond to DNS queries) and it continues to work after a restart. Everything works properly after the restart.

I am using docker image ghcr.io/mosajjal/sniproxy:v2.0.3 with default configuration + domain acl. The log level is info and there is nothing in the logs (like no one sends any DNS queries).

ElliottDCooper avatar Jun 14 '23 07:06 ElliottDCooper

been running sniproxy on my machine for a few hours with no issues. what are you using as upstream proxy? maybe change that to something like this as a test?

upstream_dns: udp://8.8.8.8:53

mosajjal avatar Jun 15 '23 08:06 mosajjal

Thanks for replying. Yes, I'm using udp://8.8.8.8:53. Actually, I haven't seen the issue in the last three days, but it was happening before. No config changed. Maybe because there was less load on the system in the last three days.

ElliottDCooper avatar Jun 17 '23 06:06 ElliottDCooper

I used a script that performs a lot of DNS queries (like a query per 5ms for 5 minutes), and it happened again. The CPU and memory usage are normal.

CONTAINER ID   NAME                          CPU %     MEM USAGE / LIMIT     MEM %     NET I/O           BLOCK I/O        PIDS
xyz   sni-proxy-1       0.00%     5.438MiB / 1.883GiB   0.28%     328kB / 258kB     246kB / 8.19kB   5

Output of a sample dig:

$ dig @serverip google.com

; <<>> DiG 9.16.1-Ubuntu <<>> @serverip google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

ElliottDCooper avatar Jun 17 '23 08:06 ElliottDCooper

I've made some changes in DNS (still work in progress) in #63, feel free to install it and see how that works. doesn't support DNS over SOCKS5 proxy though (for now).

go install github.com/mosajjal/sniproxy@f07c7f317a3634797ad6c5768e3a77fb905f6cb1

mosajjal avatar Jun 18 '23 07:06 mosajjal

I switched to this version. I haven't tested yet.

ElliottDCooper avatar Jun 26 '23 07:06 ElliottDCooper

Hi, I used version f07c7f317a3634797ad6c5768e3a77fb905f6cb1, and it happened again. The DNS server stopped working and it continued to work after a docker restart.

dig's result when it's not working:

$ dig @serverip google.com
; <<>> DiG 9.16.1-Ubuntu <<>> @serverip google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

The server's log is kinda frozen too.

ElliottDCooper avatar Jul 22 '23 07:07 ElliottDCooper

I would like to add to this problem. I experienced today the same problem. I first tried to ask the dns server for google.com über nslookup from my windows pc. I did saw the dns traffic from my windows pc to the sniproxy but no outbound dns traffic ware made. I then checked if the docker host system can lookup domains, and dns worked. After that a spawned a bash shell in the container uns tried to make a http request with curl and this also worked. At last i just restarted the container and that solved the dns problem. I ran the sniproxy in DEBUG mode, so i can provide the log but there ware no errors in to logs. The only thing i noticed was the a missing INFO line in the logs INF dns.go:91 > returned origin address for fqdn google.com. and rtt 38.296349ms service=dns was missing. After the restart it showed up again.

almdandi avatar Nov 02 '23 16:11 almdandi

I'll consider this issue closed due to the changes I've made to the proxy. if the problem still exists, please re-open the issue

mosajjal avatar May 25 '24 02:05 mosajjal