Hi folks,
I could use some help understanding why DNS caching is not behaving as I would expect.
My router is set up fully dual-stack (WAN and LAN). I have it set as the DNS server for the whole LAN. Clients are advertised its IPv4 and IPv6 addresses as the DNS server, and I have NAT rules redirecting TCP/UDP port 53 to catch anything else.
I recently switched to NextDNS with all router queries using DoH. I have their “cache boost” feature turned on, which just forces a minimum TTL of 5 minutes. Given that, I would expect that the maximum number of queries for any given domain over a 24-hour period would be about 576 (one every 5 minutes each for A and AAAA). However, I’ve got quite a few domains way over that count.
Digging into the logs, the causes of this seem to boil down to 2 reasons:
- The domain is IPv4 only. In this case, the A records are cached for 5 min minimum as expected, but the router continues to request an AAAA record whenever a query comes in, i.e. the negative response appears not to be cached at all. AFAICT, the router does not distinguish between record types at all for negative responses in the cache.
- Multiple queries for the same domain come in < 1 sec apart. If the cache has expired, the router just repeats them all. It does not seem to be smart enough to check a queue of queries that are in progress or not yet cached so as not to waste resources.
So I guess the question is whether or not my analysis is correct and these are just limitations of the resolver in RouterOS, or if I’m missing something in my config or in the details of how DNS works.
Thanks!
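A way to check the two behaviours described in the post from a client, as an added example that is not part of the original post and not RouterOS or NextDNS code: it builds A/AAAA queries with the standard library only, decodes the wire-format reply (including name compression), and reports the answer TTLs or, for a NODATA/NXDOMAIN reply, the negative-cache TTL a resolver is supposed to apply per RFC 2308 (the smaller of the SOA record's TTL and its MINIMUM field). The sample responses, the names (example.com) and the address 198.51.100.7 are constructed for the example; the `probe` function is an assumption about how you would point it at a router and is not exercised offline.

```python
"""Decode DNS replies to see what a caching resolver should be holding.

Query the router twice a few seconds apart. For a positive answer the TTL on
the second reply should be lower than on the first; for a NODATA answer the
SOA TTL in the authority section should count down the same way (RFC 2308).
A TTL that never decreases means the entry, positive or negative, was not
served from cache.
"""
import socket
import struct

QTYPE = {"A": 1, "AAAA": 28, "SOA": 6}


def build_query(name, qtype, txid=0x1234):
    """Standard-query header (RD set) + one question for name/qtype, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", QTYPE[qtype], 1)


def read_name(data, off):
    """Read a possibly-compressed name; return (dotted name, offset after it)."""
    labels, end, jumped = [], None, False
    while True:
        length = data[off]
        if length & 0xC0 == 0xC0:                      # compression pointer
            ptr = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2                          # resume after first pointer
            jumped, off = True, ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(data[off:off + length].decode())
        off += length
    return ".".join(labels) + ".", (end if end is not None else off)


def read_rr(data, off):
    """Decode one resource record; A/AAAA get an address, SOA gets its MINIMUM."""
    name, off = read_name(data, off)
    rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
    off += 10
    rdata = data[off:off + rdlen]
    rr = {"name": name, "type": rtype, "ttl": ttl}
    if rtype == 1 and rdlen == 4:
        rr["data"] = socket.inet_ntop(socket.AF_INET, rdata)
    elif rtype == 28 and rdlen == 16:
        rr["data"] = socket.inet_ntop(socket.AF_INET6, rdata)
    elif rtype == 6:
        _, p = read_name(data, off)                    # MNAME
        _, p = read_name(data, p)                      # RNAME
        # SERIAL, REFRESH, RETRY, EXPIRE (4 bytes each), then MINIMUM
        rr["minimum"] = struct.unpack("!I", data[p + 16:p + 20])[0]
    return rr, off + rdlen


def parse_response(data):
    """Return rcode, answer and authority RRs, and the negative TTL if applicable."""
    _txid, flags, qd, an, ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off = 12
    for _ in range(qd):                                # skip the question section
        _, off = read_name(data, off)
        off += 4
    answers, authority = [], []
    for _ in range(an):
        rr, off = read_rr(data, off)
        answers.append(rr)
    for _ in range(ns):
        rr, off = read_rr(data, off)
        authority.append(rr)
    rcode = flags & 0xF
    result = {"rcode": rcode, "answers": answers, "authority": authority}
    if not answers:
        soa = [rr for rr in authority if rr["type"] == 6]
        if soa:                                        # RFC 2308 negative caching
            result["negative_ttl"] = min(soa[0]["ttl"], soa[0]["minimum"])
            result["kind"] = "NXDOMAIN" if rcode == 3 else "NODATA"
    return result


def probe(server, name, qtype, timeout=2.0):
    """Send one UDP query to a resolver (assumed reachable on port 53) and decode it."""
    family = socket.AF_INET6 if ":" in server else socket.AF_INET
    with socket.socket(family, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype), (server, 53))
        data, _ = s.recvfrom(4096)
    return parse_response(data)


# Constructed sample replies (not captured from any real resolver).
_QNAME = b"\x07example\x03com\x00"
# AAAA example.com -> NODATA: no answers, SOA in authority with TTL 3600, MINIMUM 300.
_SOA_RDATA = (b"\x03ns1\xC0\x0C" + b"\x0ahostmaster\xC0\x0C"
              + struct.pack("!IIIII", 2024010101, 7200, 3600, 1209600, 300))
SAMPLE_NODATA_AAAA = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 0, 1, 0)
                      + _QNAME + struct.pack("!HH", 28, 1)
                      + b"\xC0\x0C" + struct.pack("!HHIH", 6, 1, 3600, len(_SOA_RDATA))
                      + _SOA_RDATA)
# A example.com -> one answer, TTL 60 (a 5-minute minimum TTL would stretch this to 300).
SAMPLE_A = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
            + _QNAME + struct.pack("!HH", 1, 1)
            + b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, 60, 4)
            + socket.inet_pton(socket.AF_INET, "198.51.100.7"))

if __name__ == "__main__":
    print(parse_response(SAMPLE_NODATA_AAAA))
    print(parse_response(SAMPLE_A))
```

For a live check, call `probe("<router address>", "<ipv4-only host>", "AAAA")` twice a few seconds apart and compare `authority[0]["ttl"]`; a resolver that caches NODATA per (name, type) returns a smaller SOA TTL the second time, so the reply never reaches the upstream until `negative_ttl` runs out.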