I use dnscrypt-proxy as my main DNS server for VyOS. This is for 2 reasons:
- I want to use ODoH
- I want to have adblocking
I have set up services listening on different link-local IP addresses from 169.254.0.0/16.
However, when one of them times out (because that's the nature of the beast with ODoH) both get blocked and pdns doesn't work anymore :(.
Restarting the forwarder instantly fixes the problem :) - but that's not ideal.
I did some research and I found that there is a way to not throttle certain name servers!
https://docs.powerdns.com/recursor/settings.html#dont-throttle-netmasks
I first added those IP addresses with rec_control to my running VyOS instance.
rec_control --socket-dir=/run/powerdns add-dont-throttle-netmasks 169.254.169.254 169.254.169.255
That seemed to have worked and timeouts were ignored.
Another thing that will work is to add the option to enable serving stale records - serving something is better than nothing.
See:
https://docs.powerdns.com/recursor/settings.html#setting-dont-throttle-netmasks
and
https://docs.powerdns.com/recursor/settings.html#serve-stale-extensions