Thomas Eizinger

> Perhaps discarding the socket right away is a bit too brutal? There could be network topologies in which packets to some hosts are not reachable but to others is...

> > > Perhaps discarding the socket right away is a bit too brutal? There could be network topologies in which packets to some hosts are not reachable but to...

> > We could proactively query them for a Firezone specific record maybe? Even if they don't have the record, getting a response means they are up. That is basically...

Closing this as "we don't want to do this". Instead, we should just forward the ICMP error to the TUN interface: https://github.com/firezone/firezone/pull/6428

Yeah we can downgrade those. There is nothing we can do if a client goes away and it will happen during normal operation too.

@conectado We floated the idea of indexing the connection by public key instead of client ID. That wouldn't prevent this logs specifically but it would avoid the equivalent ones on...

> > @conectado We floated the idea of indexing the connection by public key instead of client ID. That wouldn't prevent this logs specifically but it would avoid the equivalent...

> > @conectado We floated the idea of indexing the connection by public key instead of client ID. That wouldn't prevent this logs specifically but it would avoid the equivalent...

Ah, this is on the gateway. Yeah we just need to downgrade the log I think.

> Assigning @thomaseizinger to confirm whether forwarding change recently could affect this. No, we previously already assigned them 1-to-1, creating a sentinel IPv4 DNS server for every configured IPv4 one...