Dnslookups on *.infura.io are throttled

I took a bit of time to investigate a addrlookup ENOTFOUND issue with truffle (latest version) and hdwallet-provider, though it’s not related to that.
It seems infura is using AWS elastic loadbalancers with Route53. DNS queries to e.g. ropsten dot infura dot io are being throttled by AWS (Perhaps “AWS Shield” DDOS protection?). The result however is that when too many requests arrive (and infura is popular these days) randomly people get a ENOTFOUND causing their deploy code to abort (some things cannot be retried). Truffle is doing a lot of polling calls which increase the likelyhood… yes, websockets fix it but not everything works with it.
I believe this my very well be the cause of many ENOTFOUND issues reported for infura - there are many that have not been resolved for years, just a few quick links:

The proof that the cause is DNS is that if I hardcode an ip received through “dig hostname” in my /etc/hosts file, I never run into troubles. Which is obviously also not the best approach as loadbalancers can come and go but good enough to be able to perform a stable deployment from truffle.

I think Infura should work together with AWS to see how this can be resolved while preserving DDOS protection. It doesn’t make sense to cache longer than the TTL at the client or to retry fatal errors.

hi @jeroenost and welcome to the Infura community !
Thanks a lot for these details, we’ll do some investigation on our side and get back !


1 Like

hi @jeroenost, we’ve done some investigation around it and we don’t see Route53 as being the root cause here, this might rather indicate some instability between the client and your DNS provider(s).
It would help to get some additional information like any logs that might be relevant and the region of the world they you requesting from?

Feel free to open a support ticket and we’ll take it from there.