They need to investigate what the issue is and attempt to roll out a fix. I can't even use ddwrt because of the DNSmasq issue. I hate to say it but ive been using freshtomato in the meantime and its not nearly as good as ddwrt but its getting the job done with no issues for now
Joined: 16 Nov 2015 Posts: 6177 Location: UK, London, just across the river..
Posted: Fri Nov 17, 2023 12:54 Post subject:
r2digital wrote:
They need to investigate what the issue is and attempt to roll out a fix. I can't even use ddwrt because of the DNSmasq issue. I hate to say it but ive been using freshtomato in the meantime and its not nearly as good as ddwrt but its getting the job done with no issues for now
I never had any issues with DNSmasq... but...
-NTP time must be accurate
-if dnsmasq sees heavy use than try
--add this to increase concurrent DNS queries add to advance dnsmasq box dns-forward-max=300 the default value is 150
--disable DNSmasq cache or increase DNSmasq cache...
--disable negative cache no-negcache
-you dont really need NTP time to sync every hour set NTP time to 43200 (12h)
do not load settings save files from different builds...if you have such an odd issues
try reset and manual reconfigure your settings...
using old builds is not recommended as those contain unfixed security holes..and not updated binaries..
DNSmasq to fail it could be on various bad settings...
-bad add blocker
-bad router set up
-bad client
-bad DHCP static names
and ect.
as we dont know lots of detail on your set up any help will be difficult...provide pic of your set..
hide any sensitive data (ip's mac and ect.) _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 53045 WAP
TP-Link WR1043NDv2 -DD-WRT 54248 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall,VPN,x1VLAN
TP-Link WR1043NDv2 -DD-WRT 54079 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 54248 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 54079 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 54079 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Tue Nov 21, 2023 17:50; edited 1 time in total
If the whole router crashes log to a usb stick this can also be done with the syslog
If you experience problems describe your setup and upload:
cat /tmp/dnsmasq.log
cat /tmp/dnsmasq.conf
cat /tmp/resolv.dnsmasq
cat /tmp/resolv.conf
cat /var/log/messages
Joined: 08 May 2018 Posts: 13883 Location: Texas, USA
Posted: Fri Nov 17, 2023 17:19 Post subject:
r2digital wrote:
They need to investigate what the issue is and attempt to roll out a fix. I can't even use ddwrt because of the DNSmasq issue. I hate to say it but ive been using freshtomato in the meantime and its not nearly as good as ddwrt but its getting the job done with no issues for now
"They" are trying to investigate, but it's kinda difficult...
All: Please provide exact steps to reproduce issue on current DD-WRT release. FT 2023.4 dnsmasq is ahead of DD-WRT source tree, so is the current FT master branch code head. Configurations don't generally translate between the two. So far, what we have seen is bad configuration and nothing very forthcoming except, "it b'oken, fix!" or "me, too!", without any information from the other side of the screen. I've already suggested sync with upstream dnsmasq development with no response yet. Screenshots (properly redacted, if necessary), logs, please. Thanks. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
I've been using DD-WRT for many years. And everything worked perfectly, and there were no problems on different routers. So we're interested in finding out.
But I thought the answer was already there.
So. What have I done now?
- I decided to reinstall the firmware to a newer r53843, reset all settings (nvram and the like) and configured it again (without downloading the settings).
- started immediately with detailed logs, as egc wrote.
If a problem arises, I will post the logs and settings.
And then I will add the settings recommended by Alozaros. And then I will collect logs with these settings.
I am experiencing the same issue with the same log messages.
Netgear R6400v2 (otp)
Basic WAN configuration with DHCP to external provider
DHCP (with few IP reservations), DNSMASQ
WireGuard server config as per instruction = 4 FireWall command to block clients access to some local parts of network
2.4 WiFi + 2.4 guest WiFi
Time updated as per default settings
All other default settings
I am regularly updating firmware to each version.
Currently on 54079.
Problem started somewhere in September. I don't know the build number as I have not realised at that moment that issue is connected to DNS, as I thought this could be provider issue. Later started investigating and found out it is clearly DNS problem, as IP ping worked fine during these short windows with problems.
As I am not experienced in DD WRT, please provide me a list of information I shall provide that could be helpful in diagnosing the problem.
Last edited by Megrez7 on Mon Nov 20, 2023 16:25; edited 1 time in total
Joined: 08 May 2018 Posts: 13883 Location: Texas, USA
Posted: Mon Nov 20, 2023 15:20 Post subject:
Zero issues on WRT3200ACM on 54000 alpha (still waiting for another 0 or 5 alpha or beta or specific commits to upgrade), but here is the "normal" startup log messages (I am using SmartDNS):
Code:
cat /var/log/messages | grep dnsmasq
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: started, version 2.89 cache disabled
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack ipset no-nftset no-auth cryptohash DNSSEC loop-detect inotify no-dumpfile
Dec 31 18:00:29 WRT3200ACM daemon.warn dnsmasq[1328]: warning: ignoring resolv-file flag because no-resolv is set
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq-dhcp[1328]: DHCP, IP range 192.168.1.64 -- 192.168.1.253, lease time 1d
Dec 31 18:00:29 WRT3200ACM user.info : [dnsmasq] : successfully started
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using nameserver 127.0.0.1#6053
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using nameserver 1.0.0.1#53 for domain pool.ntp.org
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using nameserver 1.0.0.1#53 for domain time.google.com
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using nameserver 9.9.9.9#53 for domain pool.ntp.org
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using nameserver 9.9.9.9#53 for domain time.google.com
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using nameserver 9.9.9.9#53 for domain adguard-dns.com
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using only locally-known addresses for test
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using only locally-known addresses for onion
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using only locally-known addresses for localhost
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using only locally-known addresses for local
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using only locally-known addresses for invalid
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: using only locally-known addresses for bind
Dec 31 18:00:29 WRT3200ACM daemon.info dnsmasq[1328]: read /etc/hosts - 5 names
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1328]: exiting on receipt of SIGTERM
Dec 31 18:00:30 WRT3200ACM user.info : [dnsmasq] : daemon successfully stopped
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: started, version 2.89 cache disabled
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack ipset no-nftset no-auth cryptohash DNSSEC loop-detect inotify no-dumpfile
Dec 31 18:00:30 WRT3200ACM daemon.warn dnsmasq[1493]: warning: ignoring resolv-file flag because no-resolv is set
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq-dhcp[1493]: DHCP, IP range 192.168.1.64 -- 192.168.1.253, lease time 1d
Dec 31 18:00:30 WRT3200ACM user.info : [dnsmasq] : successfully started
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using nameserver 127.0.0.1#6053
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using nameserver 1.0.0.1#53 for domain pool.ntp.org
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using nameserver 1.0.0.1#53 for domain time.google.com
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using nameserver 9.9.9.9#53 for domain pool.ntp.org
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using nameserver 9.9.9.9#53 for domain time.google.com
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using nameserver 9.9.9.9#53 for domain adguard-dns.com
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using only locally-known addresses for test
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using only locally-known addresses for onion
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using only locally-known addresses for localhost
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using only locally-known addresses for local
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using only locally-known addresses for invalid
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: using only locally-known addresses for bind
Dec 31 18:00:30 WRT3200ACM daemon.info dnsmasq[1493]: read /etc/hosts - 5 names
Dec 31 18:00:30 WRT3200ACM daemon.crit dnsmasq[1491]: failed to bind DHCP server socket: Address in use
Dec 31 18:00:30 WRT3200ACM daemon.crit dnsmasq[1491]: FAILED to start up
Dec 31 18:00:30 WRT3200ACM user.info : [dnsmasq] : Error on startup, returncode 2
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1493]: exiting on receipt of SIGTERM
Dec 31 18:00:34 WRT3200ACM user.info : [dnsmasq] : daemon successfully stopped
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: started, version 2.89 cache disabled
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack ipset no-nftset no-auth cryptohash DNSSEC loop-detect inotify no-dumpfile
Dec 31 18:00:34 WRT3200ACM daemon.warn dnsmasq[1678]: warning: ignoring resolv-file flag because no-resolv is set
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq-dhcp[1678]: DHCP, IP range 192.168.1.64 -- 192.168.1.253, lease time 1d
Dec 31 18:00:34 WRT3200ACM user.info : [dnsmasq] : successfully started
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using nameserver 127.0.0.1#6053
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using nameserver 1.0.0.1#53 for domain pool.ntp.org
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using nameserver 1.0.0.1#53 for domain time.google.com
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using nameserver 9.9.9.9#53 for domain pool.ntp.org
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using nameserver 9.9.9.9#53 for domain time.google.com
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using nameserver 9.9.9.9#53 for domain adguard-dns.com
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using only locally-known addresses for test
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using only locally-known addresses for onion
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using only locally-known addresses for localhost
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using only locally-known addresses for local
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using only locally-known addresses for invalid
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: using only locally-known addresses for bind
Dec 31 18:00:34 WRT3200ACM daemon.info dnsmasq[1678]: read /etc/hosts - 5 names
So, on boot, with SmartDNS, it starts a total of 3 times before NTP sync. My NTP sync time interval is 1 day. I have no further messages about dnsmasq dying and needing to re-exec it. Router has been up ~ 3 days. Didn't have issues before switching to SmartDNS either. Don't have time to switch back to old config and compare or find any of my old logs. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Syslog from r54079 with two "[dnsmasq] : maybe died, we need to re-exec it" within 2 hours:
I have filtered out DHCPREQUEST and DHCPACK for privacy reasons.
I will gather more logs as per egc instruction and upload here.
Code:
cat /var/log/messages | grep dnsmasq
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[1730]: started, version 2.89 cachesize 1500
Nov 20 12:20:32 ddwrt daemon.warn dnsmasq[1730]: overflow: 51 log entries lost
Nov 20 12:20:32 ddwrt user.info : [dnsmasq] : daemon successfully stopped
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: started, version 2.89 cachesize 1500
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack ipset no-nftset no-auth cryptohash DNSSEC loop-detect inotify no-dumpfile
Nov 20 12:20:32 ddwrt daemon.warn dnsmasq[5644]: warning: ignoring resolv-file flag because no-resolv is set
Nov 20 12:20:32 ddwrt daemon.info dnsmasq-dhcp[5644]: DHCP, IP range 192.168.154.10 -- 192.168.154.50, lease time 12h
Nov 20 12:20:32 ddwrt daemon.info dnsmasq-dhcp[5644]: DHCP, IP range 192.168.153.100 -- 192.168.153.149, lease time 1d
Nov 20 12:20:32 ddwrt user.info : [dnsmasq] : successfully started
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using nameserver 8.8.8.8#53
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using nameserver 8.8.4.4#53
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using only locally-known addresses for k15
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using only locally-known addresses for test
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using only locally-known addresses for onion
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using only locally-known addresses for localhost
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using only locally-known addresses for local
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using only locally-known addresses for invalid
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: using only locally-known addresses for bind
Nov 20 12:20:32 ddwrt daemon.info dnsmasq[5644]: read /etc/hosts - 8 names
Nov 20 13:14:02 ddwrt daemon.warn dnsmasq[5644]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 14:48:01 ddwrt user.info : [dnsmasq] : maybe died, we need to re-exec it
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: started, version 2.89 cachesize 1500
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack ipset no-nftset no-auth cryptohash DNSSEC loop-detect inotify no-dumpfile
Nov 20 14:48:01 ddwrt daemon.warn dnsmasq[24497]: warning: ignoring resolv-file flag because no-resolv is set
Nov 20 14:48:01 ddwrt daemon.info dnsmasq-dhcp[24497]: DHCP, IP range 192.168.154.10 -- 192.168.154.50, lease time 12h
Nov 20 14:48:01 ddwrt daemon.info dnsmasq-dhcp[24497]: DHCP, IP range 192.168.153.100 -- 192.168.153.149, lease time 1d
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using nameserver 8.8.8.8#53
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using nameserver 8.8.4.4#53
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using only locally-known addresses for k15
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using only locally-known addresses for test
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using only locally-known addresses for onion
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using only locally-known addresses for localhost
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using only locally-known addresses for local
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using only locally-known addresses for invalid
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: using only locally-known addresses for bind
Nov 20 14:48:01 ddwrt daemon.info dnsmasq[24497]: read /etc/hosts - 8 names
Nov 20 14:48:01 ddwrt user.info : [dnsmasq] : successfully started
Nov 20 14:56:56 ddwrt daemon.warn dnsmasq[24497]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 15:14:48 ddwrt daemon.warn dnsmasq[24497]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 15:17:03 ddwrt daemon.warn dnsmasq[24497]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 15:31:18 ddwrt daemon.warn dnsmasq[24497]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 15:31:28 ddwrt daemon.warn dnsmasq[24497]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 15:55:41 ddwrt daemon.warn dnsmasq[24497]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 15:59:10 ddwrt daemon.warn dnsmasq[24497]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 16:30:00 ddwrt user.info : [dnsmasq] : maybe died, we need to re-exec it
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: started, version 2.89 cachesize 1500
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP no-conntrack ipset no-nftset no-auth cryptohash DNSSEC loop-detect inotify no-dumpfile
Nov 20 16:30:00 ddwrt daemon.warn dnsmasq[27027]: warning: ignoring resolv-file flag because no-resolv is set
Nov 20 16:30:00 ddwrt daemon.info dnsmasq-dhcp[27027]: DHCP, IP range 192.168.154.10 -- 192.168.154.50, lease time 12h
Nov 20 16:30:00 ddwrt daemon.info dnsmasq-dhcp[27027]: DHCP, IP range 192.168.153.100 -- 192.168.153.149, lease time 1d
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using nameserver 8.8.8.8#53
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using nameserver 8.8.4.4#53
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using only locally-known addresses for k15
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using only locally-known addresses for test
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using only locally-known addresses for onion
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using only locally-known addresses for localhost
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using only locally-known addresses for local
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using only locally-known addresses for invalid
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: using only locally-known addresses for bind
Nov 20 16:30:00 ddwrt user.info : [dnsmasq] : successfully started
Nov 20 16:30:00 ddwrt daemon.info dnsmasq[27027]: read /etc/hosts - 8 names
Nov 20 16:30:54 ddwrt daemon.warn dnsmasq[27027]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Nov 20 17:00:32 ddwrt daemon.warn dnsmasq[27027]: possible DNS-rebind attack on IPv4 detected: u.yingwangtech.net
Joined: 16 Nov 2015 Posts: 6177 Location: UK, London, just across the river..
Posted: Mon Nov 20, 2023 17:12 Post subject:
Consider DNSmasq issues may not be related to DDWRT, but to DNSmasq compiled (version) and its own bugs...if DNSmasq is completely lost, than you have a problem...
if it restarts...it could be related to anything..malicious activity. as well..
As we don't know about setting and deep details...not much point to bother posting logs here...
'logs and settings used, in order to recreate the POC' this is the format required to help developers or anyone else...if developers are unable to recreate the problem, than its a riddle...
In DDWRT some services restart on schedule and this is normal...for example my DNSmasq sometimes reduces the size of the packets (MTU) and then is back to normal...and sometimes dies and reboots... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 53045 WAP
TP-Link WR1043NDv2 -DD-WRT 54248 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall,VPN,x1VLAN
TP-Link WR1043NDv2 -DD-WRT 54079 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 54248 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 54079 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 54079 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Consider DNSmasq issues may not be related to DDWRT, but to DNSmasq compiled (version) and its own bugs...if DNSmasq is completely lost, than you have a problem...
if it restarts...it could be related to anything..malicious activity. as well..
As we don't know about setting and deep details...not much point to bother posting logs here...
'logs and settings used, in order to recreate the POC' this is the format required to help developers or anyone else...if developers are unable to recreate the problem, than its a riddle...
In DDWRT some services restart on schedule and this is normal...for example my DNSmasq sometimes reduces the size of the packets (MTU) and then is back to normal...and sometimes dies and reboots...
Yes you are right! When this happens once a week and unnoticed by work, there are no questions.
But when it happens so often and noticeably, I think it's not normal.
I'm working, reading sites, clicking to open a new link in the browser, and it gives an error - a problem with the DNS. You have to wait 20-30 seconds for the DNSmasq to reboot.
By frequency - please, today every 10 minutes!
(By the way, this happened when I disabled the DNSmasq cache according to your recommendations then, Fri, Nov 17, 2023 12:54 pm and your other recommendations from this post)
I hope for your help.
I'll post some logs.
Code:
Nov 20 20:33:15 DD-WRT user.info : [httpd] : successfully started
Nov 20 20:33:15 DD-WRT user.info : [resetbutton] : daemon successfully stopped
Nov 20 20:33:15 DD-WRT user.info : [resetbutton] : successfully started
Nov 20 20:33:15 DD-WRT user.debug : ttraff: data collection started
Nov 20 20:35:13 DD-WRT user.info root: WireGuard watchdog /usr/bin/wireguard-fwatchdog.sh on tunnel oet1 running
Nov 20 20:44:00 DD-WRT user.info : [dnsmasq] : maybe died, we need to re-exec it
Nov 20 20:44:00 DD-WRT user.info : [dnsmasq] : successfully started
Nov 20 20:54:00 DD-WRT user.info : [dnsmasq] : maybe died, we need to re-exec it
Nov 20 20:54:00 DD-WRT user.info : [dnsmasq] : successfully started
Nov 20 21:00:00 DD-WRT user.info : [dnsmasq] : maybe died, we need to re-exec it
Nov 20 21:00:00 DD-WRT user.info : [dnsmasq] : successfully started
Nov 20 21:02:00 DD-WRT user.info : [dnsmasq] : maybe died, we need to re-exec it
Nov 20 21:02:00 DD-WRT user.info : [dnsmasq] : successfully started
Nov 20 21:16:00 DD-WRT user.info : [dnsmasq] : maybe died, we need to re-exec it
Nov 20 21:16:00 DD-WRT user.info : [dnsmasq] : successfully started
Joined: 08 May 2018 Posts: 13883 Location: Texas, USA
Posted: Mon Nov 20, 2023 22:38 Post subject:
@Megrez7: Is "u.yingwangtech.net" a host on your local network / related to local domain? If so, adding lines to additional config to allow rebind of it might be in order.
@ALL: The following log line is because of DD-WRT's check_ps / process_monitor / etc. restarting the service after it has died for whatever reason:
Code:
user.info : [dnsmasq] : maybe died, we need to re-exec it
Without knowing all possible applicable configuration details of your router, without it being on current release, we have no idea what to blame. I have a "process" running on connected clients to my R7000P, which is on 54079, has my standard configuration set, and it is not killing dnsmasq (and probably should?). Waiting for my ISP to reset my outbound because of this test. So, please... give more details. This whack-a-mole-round-robin-me-too thing is not going to get us moving forward.
I was told that "dnsmasq is up-to-date" by the head master in response to previous inquiry. I do not have a signed NDA with access to the private code repository to investigate further what that means. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
@kernel-panic69 No, I do not recognise "u.yingwangtech.net" as a host inside my network, which is pretty small and I do control it. I am learning about this and investigating to what extend this might be a security thread. This warning shows multiple times, always with the same domain.
I will provide full logs, however need some more time for that.
Joined: 26 Mar 2013 Posts: 1744 Location: Hung Hom, Hong Kong
Posted: Tue Nov 21, 2023 16:37 Post subject: Re: [dnsmasq] : maybe died, we need to re-exec it issue
r2digital wrote:
I have a asus ac5300 with the latest ddwrt firmware and i constantly get "[dnsmasq] : maybe died, we need to re-exec it" this happens serveral times daily which is super annyoing because it causes internet to drop out until dnsmasq starts up again after crashing. Obviously disabling it is a quick fix but are there any work arounds/settings to keep it enabled? Not sure if its related specifically to this router or what. These are my current settings
"Maximum Cached Entries" is the same as DNSmasq option "cache-size=".
Comment out "no-resolv", "server=" and "min-cache-ttl=3600". Do you really need to set TTL?
Enable Query DNS in Strict Order.
Basic Setup -> DHCP -> "Static DNS 1" to "Static DNS 3" should all be "0.0.0.0".
If you enable "Use DNSmasq as DNS", then you need to disable "Ignore WAN DNS".
Reboot after making these changes.
Above steps should return DNSmsaq to default state. I am using Unbound ("Recursive DNS Resolving"), and I turn off "Use DNSmasq as DNS" and turn on "Ignore WAN DNS". No problem so far.
You might want to post the output of
Code:
nvram show | grep -E 'dnsm|ntp'
_________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
