DNS - wrong "No such name" answer #202
Thanks for the report!
I think the high-level sequence is:
The detailed trace is:
VM sends query
Host forwards query
Host receives response for earlier AAAA IPv6 query (packet 876)
The Host sends the query again, 1 time every second. It looks like the upstream server isn't responding.
The no such name response is sent after 5s of failure. At this point the VM's resolver would probably have given up
Since the upstream resolver has failed to respond it has now been marked offline. This is to fix the scenario where the priority 1 server is offline (e.g. the VPN is down) but the priority 2 server is online and every lookup takes 5s.
The next query arrives and fails immediately. Note however we do send a request to the upstream server, and if it ever responds we will mark the server as online again.
The VM's resolver has now given up and is trying to use other search domains:
We start receiving responses from the upstream 1s later:
So I think in this case there was a period of time from 378.78s - 384.79s (6s) where the upstream server didn't respond. A Linux resolver will often timeout after about 5s anyway, and we see the queries for the
I think this glitch was genuinely caused by the upstream DNS server failing. We normally try to suppress these errors by caching, but the TTLs on the records is only 45s so the caching isn't very effective.