jfb
January 8, 2019, 3:37pm
2
There have been some recent threads on this topic, related to DNSSEC and its implementation in the version of dnsmasq currently used by pihole-FTL (2.79 with bug fixes).
Do you have DNSSEC enabled in Pi-Hole?
Can you try setting your upstream to Quad 9 (filtered, DNSSEC) and enable DNSSEC to check that configuration. I'm able to get cache population with that configuration, and with DNSSEC disabled. I am seeing an upstream issue that causes no response what so ever if DNSSEC is enabled with an upstream that doesn't reply correctly.
What confuses me is:
whereas, later, you wrote:
Does this mean that your dnscrypt-proxy answers within 0msec but your pihole-FTL still shows a notable delay? (see this question - for now - apart from the issue that the query is forwarded each time instead of being cached by pihole-FTL itself)