[Solved] Outlook.office365.com DNS issues

Hi,

First of all many thanks for this wonderful project!
I am using it as my main DNS server at home with no issues except for the outlook.office365.com and smtp.outlook.office365.com domains.

I have whitelisted them but the issue is still here. After some investigation, I think the reason is that the response to the first DNS request asks my client to go through TCP instead of UDP, and then it times out.

I tried to deny TCP/53 on my Pi-hole; I then get a "system error" quickly, but it doesn't solve the issue.

Any idea?
Many thanks :slight_smile:

What issue are you having with them? Do they work if you request them straight from the upstream DNS (such as Google or OpenDNS)?

Hi @Mcat12,

I did some investigation to give you more information.
I realized that sometimes it is working and sometimes (the vast majority of the time) it is not.
I ran multiple packet captures, and figured out that using Pi-hole as my DNS server, it is always working when my client is requesting DNS through UDP.
I also realized that using Pi-hole, it is always failing when my client is requesting DNS through UDP and then through TCP (initiating a DNS request, destination Pi-hole port 53 in TCP).
This results in a very long timeout, or an instant "system error" if I add an iptables rule to deny TCP/53.

Now the question is why my requests sometimes go through UDP only and sometimes through UDP then TCP.

My guess is that I am very close to 512 bytes on the response side, and depending on the server Outlook gives me, the list is not always the same.

Is there a way to make Pi-hole work on TCP then?

Screenshot of a working response:


Screenshot of a non-working response: (working, but where my client is trying to initiate a DNS over TCP/53 to Pi-hole straight after receiving it, which is a little bit bigger than the first one) :slight_smile:

Hi,

Are you sure the issue is with TCP/UDP?
Try netstat -lpn | grep dnsmasq
Is it running on UDP and TCP?
You would expect more issues then, in my opinion.
Is it not some other domains blocked in Pi-hole?
This is a list of domains that should be open.

Thanks for your reply. I have doubts, as I am only using office365 through IMAP and SMTP.
So, I am only using outlook.office365.com and smtp.outlook.office365.com, and I don't think I would require anything else.
Sometimes it is working, sometimes it is not, and when it is not I realized that the response is not the same and is bigger, and so my client is trying to issue another request through TCP.

BTW, I have whitelisted the entire office365.com domain.

Shot in the dark:...
https://forums.opensuse.org/showthread.php/398114-DNS-UDP-response-truncated

summary: echo mdns off >> host.conf

Try at your own risk :slight_smile:

Thanks!
So no way for Pi-hole to handle/support DNS through TCP?

DNSmasq is always running on both udp and tcp by default...
What was the outcome of
netstat -lpn | grep dnsmasq

Question?
What are you running this pihole on?

Check the DNS log at /var/log/pihole.log or pihole -t

Thanks everyone, I found the issue!
Simply, the iptables rules on my server did not allow OUTPUT to TCP/53!
So I was right regarding the fact that the request/response was too large and so the client was trying TCP instead of UDP, but my Pi-hole server simply did not forward it, as iptables was blocking it!
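
The failure described in this thread (a UDP answer flagged as truncated, followed by a TCP/53 retry that a firewall drops) can be checked without a packet capture. The script below is an added example, not code from the thread or from Pi-hole; the function names and the sample bytes are made up for illustration, and it assumes an IPv4 resolver and a query sent without EDNS.

```python
import socket
import struct

# Constructed sample: response header with QR, TC, RD and RA set, one question, no answers.
SAMPLE_TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)

def build_query(name, qtype=1, txid=0x1234):
    """Build a minimal DNS query: RD set, one question, class IN, no EDNS."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Return (txid, truncated, rcode, answer_count) from a DNS message."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return txid, bool(flags & 0x0200), flags & 0x000F, an  # 0x0200 is the TC bit

def query_udp(server, query, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return s.recvfrom(4096)[0]

def query_tcp(server, query, timeout=3.0):
    """DNS over TCP: each message carries a 2-byte length prefix."""
    with socket.create_connection((server, 53), timeout=timeout) as s, s.makefile("rb") as f:
        s.sendall(struct.pack("!H", len(query)) + query)
        prefix = f.read(2)
        if len(prefix) < 2:
            raise ConnectionError("TCP connection closed early")
        return f.read(struct.unpack("!H", prefix)[0])

def diagnose(name, server):
    """Say which transport fails for this name against this resolver."""
    q = build_query(name)
    _, tc, rcode, an = parse_header(query_udp(server, q))
    if not tc:
        return f"UDP ok: rcode={rcode} answers={an}"
    try:
        _, _, rcode, an = parse_header(query_tcp(server, q))
        return f"UDP truncated, TCP ok: rcode={rcode} answers={an}"
    except OSError as e:  # timeouts and refused connections land here
        return f"UDP truncated, TCP/53 failed ({e}): check firewall rules"
```

Calling `diagnose("outlook.office365.com", server)` from a client with the Pi-hole's address shows the symptom; calling it on the Pi-hole host with the upstream resolver's address shows whether outbound TCP/53 is allowed there.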
