[SOLVED] Hight rate of dns queries for PBS from PVE

[Etienne Charlier]

Dear,

I installed adguardhome as my home network dns "server"

I have a homelab with a pve server hosting a couple of vm ( nextcloud, influxdb...)
those vm are backuped to remote PBD instance ( kindly offered by tuxis.nl) and to a local PBS ( lorath-adm.phi8.ovh)

the statistics page of adguardhome show that almos 45% of DNS requests served by adguardhome are for the two PBS hostnames.

Is this normal ?
How/where can I start investigating/diagnosing this issue ?

Thanks in adance
EC


12:26:18 11/5/2022 monitor.phi8.ovh Type: AAAA, Plain DNS Processed 0.56 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.21%22']172.19.1.21[/URL] 12:26:13 11/5/2022 lorath-adm.phi8.ovh Type: AAAA, Plain DNS Processed 0.41 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:13 11/5/2022 lorath-adm.phi8.ovh Type: A, Plain DNS Processed 0.12 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:13 11/5/2022 pbs001.tuxis.nl Type: AAAA, Plain DNS Processed 0.21 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:13 11/5/2022 pbs001.tuxis.nl Type: A, Plain DNS Processed 0.17 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:13 11/5/2022 pbs001.tuxis.nl Type: AAAA, Plain DNS Processed 0.08 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:13 11/5/2022 pbs001.tuxis.nl Type: A, Plain DNS Processed 0.12 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:08 11/5/2022 monitor.phi8.ovh Type: AAAA, Plain DNS Processed 0.44 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.21%22']172.19.1.21[/URL] 12:26:05 11/5/2022 pbs001.tuxis.nl Type: A, Plain DNS Processed 0.08 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:05 11/5/2022 pbs001.tuxis.nl Type: AAAA, Plain DNS Processed 0.16 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] 12:26:05 11/5/2022 pbs001.tuxis.nl Type: AAAA, Plain DNS Processed 0.08 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL] Block 12:26:05 11/5/2022 pbs001.tuxis.nl Type: A, Plain DNS Processed 0.13 ms [URL='http://thewall.phi8.ovh:3080/#logs?search=%22172.19.1.100%22']172.19.1.100[/URL]

 

[leesteken]

PVE keeps a graph of the storage space and contacts the PBS regularly (and rather often). The PBS is configured with an URL and PVE does not know how often the PBS changes its IP address. Therefore it does a DNS request every time, which is not uncommon (browsers do it all the time when you refresh a webpage). If you are using a caching DNS server then this should not be a problem.

 

[Etienne Charlier]

That makes sense !!

Thanks a lot for the quick response !

Have a nice Evening
EC

 

[zszs73]

I've observed exatly the same (4 req every 10 sec). I've put an entry for the pbs server to the /etc/hosts file of the pve and it is not polluting the AdGuardHome log/stat anymore. I guess that pbs server IP is not changing frequently.

 

[vdias]

I solved this with a new entry on /etc/hosts and a script that executes every hour, just in case Tuxis change there IP.

Just change the website value on the script... chmod +x and add it to a cron job...

#!/bin/bash

# Define the website URL and the hosts file path
website="XXXXXXXXXXX.tuxis.nl"
hosts_file="/etc/hosts"

# Use dig to retrieve the current IP address
current_ip=$(dig +short "$website" | grep '^[.0-9]*$')

# Check if the IP address is already in the hosts file
if grep -q "$website" "$hosts_file"; then
    # Get the current IP address from the hosts file
    hosts_ip=$(grep "$website" "$hosts_file" | awk '{print $1}')

    # Compare the current IP with the one in the hosts file
    if [ "$current_ip" != "$hosts_ip" ]; then
        # Update the hosts file with the new IP
        sed -i "s/$hosts_ip.*/$current_ip $website/" "$hosts_file"
        echo "Updated $website in $hosts_file from $hosts_ip to $current_ip"
    else
        echo "No change in IP address."
    fi
else
    # Append the new entry to the hosts file
    echo "$current_ip $website" >> "$hosts_file"
    echo "Added $website to $hosts_file with IP $current_ip"
fi

 

[HansJerkov]

Hi @vdias,
thank you for the script.

Unfortunately I'm pretty new to the proxmox and Linux world. I understand the concept of what you are doing with this script but can't figure out how to create and run it.
Could you please specify that line for a total newbie:

chmod +x and add it to a cron job

What do the shell commands look like?

Thank you,
Hans

 

[sb-jw]

So a DNS server is supposed to answer DNS queries. The Adguard or PiHole is usually a local DNS server and caches the queries anyway so that they never reach public DNS servers in bulk.

Now building a script to avoid DNS requests is somehow really absurd. You can also avoid creating backups because it takes up traffic and storage space. It's best not to set up any services in the internal network if you're afraid that they can also be used.

 

[alanshore]

First op: Thank you for this registered on the forums to reply here. This one entry has accounted for 78k requests in the past 24 hours.

Second, It's not absurd when it's requiring extra processing power and 40x the load on that ONE request hitting 78k times. How is this OK!? I run a 4 cluster and this was the result.

It's a design flaw and constantly puts my network under a heavy load.

Uptime Kuma is the second at 6296 in the past 24 hours checking every 10 minutes.

So a DNS server is supposed to answer DNS queries. The Adguard or PiHole is usually a local DNS server and caches the queries anyway so that they never reach public DNS servers in bulk.

Now building a script to avoid DNS requests is somehow really absurd. You can also avoid creating backups because it takes up traffic and storage space. It's best not to set up any services in the internal network if you're afraid that they can also be used.

 

[Nightman]

From my point of view this behavior (4 DNS request [2x A record, 2x AAA record] every 10 seconds for each pbs connection) seems from my point of view not to be a good design. I would assume that DNS queries for pbs are only made initially and then each time a connection attempt using the IP failed. Then we need to know the current IP by asking DNS again.

Could some people from proxmox dev look into this please.

I am impacted by this, too.