Wireguard DNS error.

Andrii Petrenko aplsms at gmail.com
Fri Nov 26 07:33:18 UTC 2021 

Hello, I have a problem with Wireguard DNS proxy.

Issue looks like: 

Trough DNS proxy

$ host presence.teams.microsoft.com.                                                                                                                                            

Host presence.teams.microsoft.com not found: 2(SERVFAIL)

Trough the upstream DNS server:

$ host presence.teams.microsoft.com. 10.10.10.1 
Using domain server:
Name: 10.10.10.1
Address: 10.10.10.1#53
Aliases:

presence.teams.microsoft.com is an alias for presence.services.sfb.trafficmanager.net.
presence.services.sfb.trafficmanager.net is an alias for a-ups-presence0-prod-azsc.eastus2.cloudapp.azure.com.
a-ups-presence0-prod-azsc.eastus2.cloudapp.azure.com has address 52.114.142.202

Logs from server: 

time="2021-11-26T02:33:56Z" level=debug msg="dns query: dns query for: presence.teams.microsoft.com.:1:1" file="server.go:70"
time="2021-11-26T02:33:56Z" level=error msg="failed lookup record with error: dns: overflowing header size\n;; opcode: QUERY, status: NOERROR, id: 53952\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0\n\n;; QUESTION SECTION:\n;presence.teams.microsoft.com.\tIN\t A\n" file="server.go:76"

Another error:

$ host ocsp2.apple.com
Host ocsp2.apple.com not found: 2(SERVFAIL)

$ host ocsp2.apple.com 10.10.10.1
Using domain server:
Name: 10.10.10.1
Address: 10.10.10.1#53
Aliases:

ocsp2.apple.com is an alias for ocsp2-lb.apple.com.akadns.net.
ocsp2-lb.apple.com.akadns.net is an alias for ocsp2.g.aaplimg.com.
ocsp2.g.aaplimg.com has address 17.253.5.203
ocsp2.g.aaplimg.com has address 17.253.1.201
ocsp2.g.aaplimg.com has IPv6 address 2620:149:a00:f000::5
ocsp2.g.aaplimg.com has IPv6 address 2620:149:a1c:f000::1


time="2021-11-26T02:32:17Z" level=debug msg="dns query: dns query for: ocsp2.apple.com.:1:1" file="server.go:70"
time="2021-11-26T02:32:17Z" level=error msg="failed lookup record with error: dns: overflow unpacking uint32\n;; opcode: QUERY, status: NOERROR, id: 18718\n;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0\n\n;; QUESTION SECTION:\n;ocsp2.apple.com.\tIN\t A\n" file="server.go:76”


How to fix this problem? Please advise.

Thank you,
---
Andrii Petrenko
aplsms at gmail.com

More information about the WireGuard mailing list