Posted: Thu Dec 29, 2022 0:11 Post subject: DNS Error messages
Hi
I'm getting a bunch of "error" messages from the DNS and http daemons section and I'm not sure how to fix it. So this will get long.
I feel like I use a relatively complex setup (several APs, nearly 100 clients including IoT, about 65 static IPs, several Raspi-Servers, wireguard-tunnel with PBR, Tailscale on some clients) - at least for my level of know-how (nearly all settings are out of tutorials or threads in this forum...)
after having no problems for some weeks, there are now (about 1-2 weeks) sometimes disruptions/delays of a few seconds up to two minutes, during which parts of the network cannot be reached internally or cannot access the internet (I'm tracking this with up-time kuma)
Firmware: DD-WRT v3.0-r49418 std (07/04/22) on an Linksys WRT1900ACS (Linux 4.9.319 #3296)
Using Router (192.168.1.1) as DHCP, dnsmasq for DNS (sending it to local Pi-Hole 192.168.1.73)
see pictures for router-dhcp-settings
in dnsmasq I only enabled "no dns rebind" and added this in options: dhcp-option=6,192.168.1.73
unclear logs/Errors:
1st problem
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: reading /tmp/resolv.dnsmasq
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using nameserver 8.8.8.8#53
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using nameserver 62.2.YY.YY#53
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using nameserver 62.2.YY.YY#53
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for test
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for onion
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for localhost
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for local
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for invalid
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for bind
8.8.8.8 is on of my upstream-DNS in pi-hole (and DNS of the wireguard-Server I'm using as VPN for avoiding geoblocking; on the other hand I don't ever see the OpenDNS-Servers out of pi-hole in this log)
62.2.YY.YY are DNS-Servers of my ISP - but I don't use them in any config (router or pi-hole) - why are they mentioned/used?
2nd problem
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPDISCOVER(br0) 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPOFFER(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
This happens like every minute, even I don't move for hours... (like spam on the log)
same with few other devices, even if they are on a wired connection.
The Cell-Phone is using Tailscale either (all Time), but not the other clients with this behavior.
other strange things
Dec 28 23:52:34 DD-WRT daemon.debug ntpclient[20152]: Connecting to 2.pool.ntp.org [45.9.61.155] ...
Dec 28 23:52:34 DD-WRT daemon.info ntpclient[20152]: Time set from 2.pool.ntp.org [45.9.61.155].
Dec 28 23:52:34 DD-WRT daemon.info process_monitor[7938]: Cyclic NTP Update success (servers 2.pool.ntp.org 212.18.3.19 88.99.174.22)
Dec 28 23:52:34 DD-WRT daemon.info process_monitor[7938]: Local timer delta is 7182336172578832384
this message is repeated, so every time a time delta. what does this mean?
[I changed the ntp-server, after one was not found at all...)
Dec 29 00:43:05 DD-WRT daemon.err httpd[8963]: [httpd] : Request Error Code 408: Unexpected connection close in initial request.
happens often, even if I'm not logged in to the web gui (read here, that could be the cause)
sorry for this bunch of problems, but I'm not sure, if they are connected.
additional feature needed:
if the problems are fixed I want 4 clients for my kids to use special DNS-Servers (and not the pi-hole)
tried it with this:
Code:
dhcp-host=192.168.1.23,set:kids
dhcp-host=192.168.1.24,set:kids
dhcp-option=set:kids,option:dns-server,103.86.XX.XX,103.86.XX.XX
rest via PiHole
dhcp-option=set!kids,option:dns-server,192.168.1.73
but this didn't work out.
maybe you could help with this too
many thx
Last edited by nickchanger on Thu Dec 29, 2022 11:16; edited 1 time in total
I recommend you follow one of the tried and tested methods/guides here:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=331414 _________________ Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
Last edited by foz111 on Thu Dec 29, 2022 10:02; edited 1 time in total
Joined: 16 Nov 2015 Posts: 6410 Location: UK, London, just across the river..
Posted: Thu Dec 29, 2022 10:01 Post subject:
those messages are normal nothing to bother...on the new builds you can adjust the ntp time to not be every hour or so...i used on mine lets say on 6h or 12h or even 24h...so once a day its fine..value is in seconds... so, 43200 should be ok..
as far as not fetching your ISP dns inside the config use this command in DNSmasq
no-resolv
than you have to point to those servers you want...
server=(whatever ip )
or in case of dynamic DHCP from your ISP thick the ignore WAN DNS option...
p.s. check the Pi-hole guide from the link above my post... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Posted: Thu Dec 29, 2022 11:05 Post subject: Re: DNS Error messages
nickchanger wrote:
unclear logs/Errors:
1st problem
Code:
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: reading /tmp/resolv.dnsmasq
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using nameserver 8.8.8.8#53
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using nameserver 62.2.YY.YY#53
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using nameserver 62.2.YY.YY#53
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for test
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for onion
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for localhost
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for local
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for invalid
Dec 27 19:51:47 DD-WRT daemon.info dnsmasq[18972]: using only locally-known addresses for bind
activate the checkbox "ignore WAN DNS" in the tab "basic setup" to get rid of the DNS servers of your ISP
nickchanger wrote:
2nd problem
Code:
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPDISCOVER(br0) 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPOFFER(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
This happens like every minute, even I don't move for hours... (like spam on the log)
This is definitely not normal.
The default DHCP lease time is 24h and not 1min.
Check what the "Status > LAN" tab says.
Maybe you have configured something wrong.
nickchanger wrote:
Code:
Dec 28 23:52:34 DD-WRT daemon.debug ntpclient[20152]: Connecting to 2.pool.ntp.org [45.9.61.155] ...
Dec 28 23:52:34 DD-WRT daemon.info ntpclient[20152]: Time set from 2.pool.ntp.org [45.9.61.155].
Dec 28 23:52:34 DD-WRT daemon.info process_monitor[7938]: Cyclic NTP Update success (servers 2.pool.ntp.org 212.18.3.19 88.99.174.22)
Dec 28 23:52:34 DD-WRT daemon.info process_monitor[7938]: Local timer delta is 7182336172578832384
this message is repeated, so every time a time delta. what does this mean?
[I changed the ntp-server, after one was not found at all...)
This is definitely not normal either.
What kind of delta is this?
The delta is specified in seconds.
If the router start with January 1, 1970 and update the time to December 29, 2022 then the delta is 1672307033 and not 7182336172578832384.
once the clock is set then the delta is in the range of 0 - few seconds
Since you can only configure one static lease per device, make sure that the devices are not additionally entered in the "Services > Static leases" tab.
Joined: 16 Nov 2015 Posts: 6410 Location: UK, London, just across the river..
Posted: Thu Dec 29, 2022 12:10 Post subject:
Timer delta 7182336172578832384 hmmm i keep seen those to happen for some reason on repeat..than its get back to 0 ish sadly i rebooted my R7800 which had 12 days on it...with NTP time checks over 8h period..
on my R7800 i have tons of those like but, all its normal, clients do not have vital connection breaks...for some reason some clients tend to do this... mostly iPhones, but some other clients too...and those of mine have a static lease and the general lease time is 240 min
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPDISCOVER(br0) 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPOFFER(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
i dont have this spam on my R7000 which is Broadcom radio (radio-driver is propriety) _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:43 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPDISCOVER(br0) 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPOFFER(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPREQUEST(br0) 192.168.1.21 58:XX:XX:XX:XX:3e
Dec 28 21:10:53 DD-WRT daemon.info dnsmasq-dhcp[7302]: DHCPACK(br0) 192.168.1.21 58:XX:XX:XX:XX:3e myCell-Phone
I agree this same/normal on R7800, lease expired and then renewed (per device) _________________ Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
When the lease is renewed it is also normal, I wrote that the standard lease time is 24h.
But the OP writes he has several clients that do this every minute wireless and wired
Joined: 16 Nov 2015 Posts: 6410 Location: UK, London, just across the river..
Posted: Thu Dec 29, 2022 13:43 Post subject:
ho1Aetoo wrote:
When the lease is renewed it is also normal, I wrote that the standard lease time is 24h.
But the OP writes he has several clients that do this every minute wireless and wired
well all my wired clients are fine spam happens on my R7800 2,4Ghz WiFi only ...you can disable key renewal..or the standard renewal is 1h, give it a 12h value...
as far as Timer delta 7182336172578832384...im sure i saw it 1-2 times already just ddint invest too much time in in will monitor and see if i can catch it again...it could ve been on one of the 1043v2...not sure for R7000 neither _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
what I did so far:
- checked "ignore WAN DNS" --> seems to work
- switched to setting a long the 3rd example here https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=331414
added two static dns in the basic setup (8.8.8.8 and 1.1.1.1)
additional options in dnsmasq are now based on the pi-hole-tutorial and on ho1Aetoo help (of course I changed it to my needs)
- my Lease time was 360m/6h -->> still several clients with non-stop-requests
@h01Aetoo: Status LAN is constantly updating the active clients and switches from showing 0(!) clients to 20 or more
EDIT:
found another possible hint. my bridge seems to be removed (and added) again and again
(checked the logs, and it happended also before the last changes)
Code:
Dec 29 14:51:18 DD-WRT user.info : [bridge] : interface eth1 successfully deleted from bridge br0
Dec 29 14:51:18 DD-WRT user.info : [bridge] : interface wlan1 successfully deleted from bridge br0
Dec 29 14:51:18 DD-WRT user.info : [bridge] : bridge br0 successfully deleted
Dec 29 14:51:18 DD-WRT user.info : [hostapd] : hostapd daemon successfully stopped
Dec 29 14:51:19 DD-WRT user.debug : mac80211: start deconfigure_single_ath9k
Dec 29 14:51:19 DD-WRT user.debug : mac80211: start delete_ath9k_devices
Dec 29 14:51:19 DD-WRT user.debug : mac80211: leave delete_ath9k_devices
Dec 29 14:51:19 DD-WRT user.debug : mac80211: leave deconfigure_single_ath9k
Dec 29 14:51:19 DD-WRT user.debug : mac80211: start deconfigure_single_ath9k
Dec 29 14:51:19 DD-WRT user.debug : mac80211: start delete_ath9k_devices
Dec 29 14:51:19 DD-WRT user.info : [bridge] : interface wlan1 successfully deleted from bridge br0
Dec 29 14:51:19 DD-WRT user.debug : mac80211: leave delete_ath9k_devices
Dec 29 14:51:19 DD-WRT user.debug : mac80211: leave deconfigure_single_ath9k
Dec 29 14:51:19 DD-WRT user.info : [bridge] : bridge br0 successfully added
Dec 29 14:51:19 DD-WRT daemon.info mstpd[985]: error, CTL_set_cist_bridge_config: Couldn't find bridge with index 7
Dec 29 14:51:19 DD-WRT daemon.info mstpd[985]: error, CTL_set_cist_bridge_config: Couldn't find bridge with index 7
Dec 29 14:51:19 DD-WRT user.info : [bridge] : interface eth1 successfully added to bridge br0
I will watch and collect more information if possible
NTP should be left in the default settings for now. (see screenshot)
The default settings actually work in every constellation, because several servers are stored as URL or directly as IP address.
And we do not know what you have changed.
With regard to the bridge, this may or may not be normal.
The bridges are deleted and added again if various services are restarted.
After the router has been started and is in operation, the message does not actually appear unless you press "apply" somewhere in the WebIF.
Last edited by ho1Aetoo on Thu Dec 29, 2022 14:29; edited 2 times in total