DNS resolution retries and EAI_NONAME

Lonnie Abelbeck lists at lonnie.abelbeck.com
Tue Nov 10 02:48:12 CET 2020

> On Nov 3, 2020, at 2:57 AM, Zack Elan <wireguard at zackelan.com> wrote:
> Short version: if I set WG_ENDPOINT_RESOLUTION_RETRIES=infinity, I would like wg(8) to actually retry infinitely, rather than exiting the first time it gets what it assumes to be a permanent failure.
> Long version:
> When WG_ENDPOINT_RESOLUTION_RETRIES is set, wg will retry endpoint resolution failures...but it special-cases 2 or 3 error response codes [0] - EAI_NONAME, EAI_FAIL and (if defined) EAI_NODATA because it considers them "permanent" failures that are not worth retrying.
> I have several WireGuard tunnels that are set to start at boot on a NixOS box I host. NixOS sets this variable to infinite for me [1]. Despite this, when I reboot that host, I consistently have the tunnels fail on startup. They're failing with an error that wg(8) considers permanent:

Hi Zack,

Our project reversed the logic to make a DNS failure a non-fatal 'wg' error. [2]

This trivial patch has worked well for our usage.


[2] https://raw.githubusercontent.com/astlinux-project/astlinux/master/package/wireguard-tools/wireguard-tools-0001-ignore-endpoint-dns-failure.patch
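
The retry behaviour discussed in this thread, as an added example that is neither wg(8)'s code nor the AstLinux patch: a retry loop in which a flag decides whether EAI_NONAME, EAI_FAIL and EAI_NODATA end the loop at once or count against the retry budget. The names `resolve_with_retries`, `resolver_fn`, `retry_permanent`, `system_resolver` and the fake resolver are hypothetical.

```c
#include <netdb.h>
#include <stdbool.h>
#include <sys/socket.h>
#include <unistd.h>

#define RETRY_FOREVER (-1L)
typedef int (*resolver_fn)(const char *host, const char *service); /* hypothetical hook */

/* Error codes the quoted message lists as "permanent" for wg(8). */
static bool is_permanent(int err)
{
#ifdef EAI_NODATA
	if (err == EAI_NODATA)
		return true;
#endif
	return err == EAI_NONAME || err == EAI_FAIL;
}

/* Returns 0 or the last EAI_* code; max_retries counts retries after the first
 * try. retry_permanent=false stops at once on a "permanent" code. */
static int resolve_with_retries(resolver_fn resolve, const char *host,
		const char *service, long max_retries, bool retry_permanent,
		unsigned delay_s, unsigned *attempts)
{
	for (*attempts = 0;;) {
		int err = resolve(host, service);
		++*attempts;
		if (err == 0 || (is_permanent(err) && !retry_permanent))
			return err;
		if (max_retries != RETRY_FOREVER && (long)*attempts > max_retries)
			return err;
		sleep(delay_s);
	}
}

/* Real lookup for production use: getaddrinfo()'s EAI_* code, 0 on success. */
int system_resolver(const char *host, const char *service)
{
	struct addrinfo hints = { .ai_family = AF_UNSPEC, .ai_socktype = SOCK_DGRAM };
	struct addrinfo *res = NULL;
	int err = getaddrinfo(host, service, &hints, &res);
	if (err == 0)
		freeaddrinfo(res);
	return err;
}

/* Constructed fake: name unknown until the third lookup (DNS late at boot). */
static unsigned fake_calls;
static int fake_boot_resolver(const char *h, const char *s) { (void)h; (void)s; return ++fake_calls < 3 ? EAI_NONAME : 0; }
```

With `retry_permanent` false, an unlimited retry budget is never consulted when the resolver is simply not ready yet; with it true, the caller should keep a finite budget or an external timeout if a mistyped endpoint name must not block startup forever.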
