plugin-dns/rootfs/usr/share
Stefan Agner d66e8f2e4a
Avoid repeated Cloudflare attempts when DNS over TLS is blocked (#134)
When a first resolve attempt on the fallback chain (:5553) fails, the
fallback plug-in of the main chain will trigger a health check. By default
health checks send a request every 0.5s as long as upstream reports
unhealthy (default value). Unfortunately the fallback plug-in's health
check can't be configured currently.

Each of these health checks will trigger a 5s resolve attempt by the
fallback chain's forward plug-in. And since we get a health check every
0.5s, and health checks on the fallback chain are disabled, this leads
to non-stop resolve attempts, forever.

On top of that, even when the primary/DHCP provided DNS server is
working, the loop plug-in will trigger a first resolve attempt on the
fallback chain still! This means, even with a working primary DNS server,
the fallback chain will enter a runaway loop still!

This change does several things:
- Handle the loop check using a template plug-in. This avoids loop
  test requests to Cloudflare. With that, and a working primary DNS
  server, no DNS requests will get sent to Cloudflare by default.
- Handle the health check of the fallback plug-in using a template
  plug-in. This essentially "disables" health check on the primary
  chain's fallback plug-in (which would be the better approach, if that
  were possible).
- Reenable health checks in the fallback chain, to avoid repeated
  attempts to Cloudflare when it's not available.
2024-04-04 16:49:58 +02:00
..
tempio Avoid repeated Cloudflare attempts when DNS over TLS is blocked (#134) 2024-04-04 16:49:58 +02:00