Lots of syslogs for "reducing DNS packet size for nameserver..."

Karl Perkins

New Around Here
Seeing lots of these...

Mar 11 11:40:05 dnsmasq[28427]: reducing DNS packet size for nameserver 8.8.4.4 to 1280
Mar 11 11:40:05 dnsmasq[28427]: reducing DNS packet size for nameserver 8.8.8.8 to 1280
Mar 11 11:41:06 dnsmasq[28427]: reducing DNS packet size for nameserver 8.8.8.8 to 1280
Mar 11 11:41:06 dnsmasq[28427]: reducing DNS packet size for nameserver 8.8.4.4 to 1280

Which come every minute. Started appearing approximately two days ago, and I can see no reason why. I don't think I changed anything, apart from turning off external SSH access. Can anyone think of something to try? I've tried enabling and disabling DNSSEC, but that has made no difference at all.

Firmware Version:384.9
RT-AC86U
Entware enabled.

# opkg list-installed
bash - 4.4.18-2
bind-host - 9.11.5-2
bind-libs - 9.11.5-2
busybox - 1.29.2-1
coreutils - 8.30-1
coreutils-mktemp - 8.30-1
coreutils-stat - 8.30-1
empty - 0.6.20b-2
entware-opt - 227000-3
entware-release - 1.0-2
entware-upgrade - 1.0-1
findutils - 4.6.0-1
grep - 3.1-1
htop - 2.2.0-2
libart - 2.3.21-1
libblkid - 2.32.1-1
libc - 2.27-8
libfreetype - 2.9.1-1
libgcc - 7.3.0-8
libmount - 2.32.1-1
libncurses - 6.1-1
libncursesw - 6.1-1
libopenssl - 1.0.2p-1a
libpcap - 1.9.0-1a
libpcre - 8.42-1
libpcre2 - 10.32-1
libpng - 1.6.35-1
libpthread - 2.27-8
libreadline - 7.0-1
librrd - 1.2.30-3a
librt - 2.27-8
libsmartcols - 2.32.1-1
libssp - 7.3.0-8
libstdcpp - 7.3.0-8
libuuid - 2.32.1-1
lighttpd - 1.4.49-3
lighttpd-mod-alias - 1.4.49-3
lighttpd-mod-cgi - 1.4.49-3
locales - 2.27-8
lsblk - 2.32.1-1
netcat - 0.7.1-1
nmap - 7.70-1
opkg - 2011-04-08-9c97d5ec-17c
rrdtool - 1.2.30-3a
sed - 4.5-1
terminfo - 6.1-1
wget - 1.20-1a
xxd - 8.1-1
zlib - 1.2.11-2
zoneinfo-asia - 2018g-1
zoneinfo-europe - 2018g-1
 

ColinTaylor

Part of the Furniture
There was a change last year to make these messages visible only at the debug level. Have you changed your log level?
 

Karl Perkins

New Around Here
Hi Colin,

Absolutely correct - it was set to debug. Odd that it only started kicking out lots of these syslog entries just in the past couple of days, but that’s probably because there’s something changed with Google’s DNS, or some client locally has changed the size of it’s DNS requests.

I’ll monitor for a few days, and report back. My assumption is that you’ve nailed it right now, after a few minutes of watching the logs.

Kind regards,
Karl.
 

Karl Perkins

New Around Here
Confirmed Colin - it worked. There are still occasionally logs like this, but very rare now.
Many thanks,
Karl.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top