Dnsmasq: failed to send packet: Host is down error
-
I am fairly confident it is not an attack. The error is from the firewall sending a DNS response or query that it could not send because it could not communicate with an IP on the local subnet/network. I am also fairly certain of that.
If you get a ton of these all the time then I would be concerned about config or network issues but occasionally seeing them I think it is not something to worry about as long as you don't experience any issues from your client computer/devices. I tend to only get these errors on systems where wifi is used which makes me think it is likely just clients dropping off the wifi network and the firewall's dnsmasq service is trying to send a response because it has an ARP entry for the host but the host has dropped off the network before that ARP entry has expired.
That is my theory anyway. I haven't actually looked at the network traffic to verify it. It would be great if the pfsense dev team could add a single simple patch to dnsmasq to log the IP that it could not send the packet to. I am sure they have much more important things to do though :).
-
It sounds like 'Host is down' could also be a remote host and not just a host on a local subnet. I think I have interpreted that incorrectly but I really don't know for sure. So it could be the response from the external DNS server that failed.
"The error is EHOSTDOWN for a non-responding destination host, and EHOSTUNREACH for a non-responding router."
Regardless it is related to a DNS query communication problem at the time. If only the debug output included an IP address we would know specifically which IP there was no response from.
-
Seems i have the same error, i know this post is really old, but there seems no soluion for the problem?
Jan 21 09:48:53 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:39 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:38 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:35 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:32 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:29 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:28 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:21 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:21 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:21 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:21 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:21 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:21 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:21 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:20 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:20 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:12 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:12 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:12 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:11 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:11 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:11 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:11 dnsmasq 19072 failed to send packet: Host is down
Jan 21 09:48:11 dnsmasq 19072 failed to send packet: Host is downWhere to find more information on this?
-
Wooow.
Undying a 6 years old thread !Probably because the DNS servers you are forwarding to took a break.
This solution is still valid : use the Resolver. Or, at least, use other DNS servers that are not off line.
Also : upstream hosts will be down if your WAN is down .... -
@gertjan Well, first of all i searched the forum and this was the latest post about this.
Also the forwarding dns server is then taking a break all the time, its continue happening.
Jan 21 12:21:15 dnsmasq 19072 failed to send packet: Host is down
Jan 21 12:21:10 dnsmasq 19072 failed to send packet: Host is down
Jan 21 11:43:06 dnsmasq 19072 failed to send packet: Host is down
Jan 21 11:43:06 dnsmasq 19072 failed to send packet: Host is downRight now im using opendns server. But i will try another one to see if it fix the problem.
My WAN is not down at all :-) -
Changing the dns server just changed the PID, but still same error.
Changed to google dns.Jan 21 12:27:43 dnsmasq 92971 failed to send packet: Host is down
Jan 21 12:27:39 dnsmasq 92971 failed to send packet: Host is down
Jan 21 12:27:37 dnsmasq 92971 failed to send packet: Host is down
Jan 21 12:26:56 dnsmasq 92971 failed to send packet: Host is down -
True, the message isn't clear at all : nothing is said about the host, neither on what interface it happens, if it was IPv4 or IPv6, UDP or TCP, etc.
So, let's start at the beginning.
Your setup details ?Check : what is returned by :
ps ax | grep '[u]nbound\|[d]nsmasq'
-
What interface(s) is dnsmasq using - maybe it is down, or doesn't have an IP, etc. Where is dnsmasq forwarding too, how does it get there?
-
This message is logged by
dnsmasq
when it fails to send a UDP message (i.e. DNS response) to a host. Specifically, "host is down" (EHOSTDOWN
) will arise when ARP fails or expires for a host (and probably for other situations).In particular for my situation, we had configured dnsmasq to use selected interfaces; one of which was not configured. Switching the Services > DNS Forwarder > "Interfaces" list to "All" removes the extraneous log messages. (doing that removes the explicit list of interfaces that dnsmasq listens on, and let's dnsmasq figure out the list instead).
-
The workaround of selecting 'All' interfaces no longer works; pfsense now explicitly adds
--server
arguments for every interface when 'All' is selected. As such dnsmasq will complain when one or more of those are actually down.