[Pdns-users] Recursor: Error writing TCP answer - broken pipe

Christoph cm at appliedprivacy.net
Sun Jan 16 10:27:05 UTC 2022


Hello,

I get about 2000 of these log events per day:

pdns-recursor[11727]: Error writing TCP answer to 109.70.100.132:31192: 
Broken pipe

109.70.100.132 is the IP address of an dnsdist instance.

setup:
DoH/DoT clients -> dnsdist -> recursors

Is there anything that can be optimized to avoid these errors?


dnsdists (1.6.1) run on FreeBSD 13.0
recursors (4.6.0) run on Debian 11.


dnsdist.conf:
newServer({address="109.70.100.136", maxInFlight=1000})
newServer({address="109.70.100.140", maxInFlight=1000})
newServer({address="127.0.0.1", maxInFlight=1000})
setServerPolicy(firstAvailable)
[...]

While writing this email I noticed that dnsdist 1.7.0 has been
tagged 2 days ago
https://github.com/PowerDNS/pdns/releases/tag/dnsdist-1.7.0
I'll upgrade as soon as that reaches FreeBSD ports to see if that
has an affect on the error.

thanks,
Christoph



recursor.conf:
-------------------------
config-dir=/etc/powerdns
setuid=pdns
setgid=pdns

aggressive-nsec-cache-size=100000
allow-from=127.0.0.0/8,109.70.100.0/24
distributor-threads=1
dnssec=validate
dnssec-log-bogus=no
edns-padding-from=127.0.0.0/8,109.70.100.0/24
edns-padding-mode=padded-queries-only
extended-resolution-errors=yes
local-address=127.0.0.1:54,109.70.100.125:53,109.70.100.136:53
log-common-errors=no
log-rpz-changes=no
log-timestamp=yes
loglevel=6
max-cache-entries=1000000
max-packetcache-entries=500000
minimum-ttl-override=5
new-domain-tracking=no
nothing-below-nxdomain=dnssec
pdns-distributes-queries=yes
qname-minimization=yes
query-local-address=109.70.100.125,2a03:e600:100::178
quiet=yes
refresh-on-ttl-perc=10
threads=8
version-string=PowerDNS Recursor
webserver=yes
webserver-address=127.0.0.1
webserver-allow-from=127.0.0.1,::1
webserver-loglevel=none
webserver-password=$scrypt$ln=xxxxxxxxx

lua-config-file=/etc/powerdns/config.lua
-------------------------


More information about the Pdns-users mailing list