When internet drops, Adguard stops serving all DNS requests, including rewrites. #2657
Comments
|
AdGuard Home v0.104.3 |
|
Hi, and thank you for your report. @ameshkov, do we have an issue about an “offline mode”? I think we've discussed that before somewhere, but I can't find the related issue. |
|
@ainar-g we don't, and the problem is caused by the We could lift the limit or set it to a higher value, this would help. |
|
This is definitely causing issues when there are ISP outages or on power related restarts. Is there any update on this one? |
|
Migrated away from Adguard due to this issue :( |
|
Why is this flagged as feature request? This is a core deficiency. |
|
The easy solution to this issue is to set |
|
I think the issue reported in #1777 is also related. |
|
I'm not sure if this ticket means no local dns look ups work just while upstream dns servers are unavailable or if it means it doesn't work even when they become available again (my issues is the latter). If my internet goes down, I have to reboot my pi or restart the adguard service for it to process DNS requests again. I thought it just happened when I was using DoH upstream servers but now it happens for unencrypted upstream servers as well. max_goroutines set to 0 didn't fix it for me. |
This one is definitely something new, not related to this ticket. |
Thanks. FWIW, I'm using a Raspberry Pi 3b. The only odd thing about my setup is that my ISP uses CGNAT. I don't think it's related as I haven't seen the issue with pihole. |
Sorry for that, because it was my impression as well that this is the case and @KF5JWC seems to refer to the same. I have this both on a RPi and in docker, with my own unbound as root server (which keeps working). After the connection drops and returns, AGH still does not work. |
|
@rhraziel @SanderGit it would help a lot if you could record verbose-level log of this issue for us.
|
This is an accurate understanding of the issues I ran into. |
|
This is the same issue I have as well. If I go and unplug my modem, for example, I can no longer resolve any DNS entries including those locally served/rewrites. |
I apologize, I hope someone else can provide logs for this. I've already moved off of Adguard for now and my Linux knowledge is a bit limited. |
|
For @rhraziel issue, I came across a similar report in #2058 However, I can confirm a similar behavior when disabling protection, DNS rewrites would also stop working. Which I believe should not be the case. Overall the scenario I believe should be implemented is the following:
|
FYI, I've emailed logs to the devteam email address in regards to this. |
|
I've done a little more testing on this and I'm narrowing down what causes the issue (at least for me). If I use a DoH DNS provider OR I use the "browsing web security service" or the "parental control service", DNS resolution does not come back after an internet outage. If I'm not using DoH or web security or parental control, everything works fine after the internet outage. I added Adguard's ipv4 DNS servers to the bootstrap list but that didn't seem to resolve it. I'm just avoiding using DoH and the security/parental services for now but it would be nice to enable them if it didn't cause the resolution recovery issue. |
|
I am suffering from the same problem. |
|
Same error on AdGuard Home v0.106.2 |
|
Same issue is seen on MWAN3 switchover on OpenWRT. When the main WAN goes down AdGuard home stops serving the DNS request till I restart the application. I have tried both OpenWRT version on my router and Docker version on my NAS. I am using a workaround to restart the Adguard container from the mwan3.user script when any WAN interface goes down or comes up, but this introduces appreciable delay in the network. |
|
Got the same problem! WAN down > adguard refuses to work until i restart adguard. Tested on Docker, linux native and opnsense. v0.106.3 |
|
Yep we have had issues with our ISP as well and I had to make a script to kill-9 the adguard process then start the service because the whole process seems to hang |
|
Hi all, could you please try the edge channel build? Probably, this issue is a duplicate of #3217 which seems to be fixed there. |
Its been fixed as of version 107 |
|
Good to know—thanks, @rhraziel! |
|
Hi. I'm running v0.108.0-b.9 and this is very much ongoing. It's driving me nuts. I'll also ditch AGH if this is not fixed. I'm sorry but I cannot spend time troubleshooting my setup instead of working. Hope you find a final solution :) Thanks. |
|
@conradseba, could you please collect a verbose log for us? You may send it to devteam@adguard.com. |
|
After weeks of struggling with this issue I finally decided to search and came across this thread.
|
|
this is very much an active issue, please mark the ticket accordingly. |
|
I can confirm I have this issue too on the latest AGH version. |
|
@abdalians, @s1lviu, apologies for the late response. Can you collect the verbose logs as EugeneOne1 suggested above? Also, what kind of upstream are you using? DoH, DoT, or DoQ? |
|
I tried DoT and DoH - both of these reproduced the same problem. I have AdGuard filtering services turned off at the moment. I will try and capture logs over the weekend. |
|
Commenting to maintain visibility on this issue - I have had to stop using AdGuard as my ISP is basically useless and anytime my network goes out, AdGuard ruins everything locally. |
|
I can also confirm that v0.108.0-b.11 does *not* address this issue either.
…On Wed, 3 Aug 2022 at 20:37, dinosoup1 ***@***.***> wrote:
Commenting to maintain visibility on this issue - I have had to stop using
AdGuard as my ISP is basically useless and anytime my network goes out,
AdGuard ruins everything locally.
—
Reply to this email directly, view it on GitHub
<#2657 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACPW67JOUIXZ4IK4PHKOGZ3VXK37FANCNFSM4XMCEXVQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
the ticket status still remains closed, can we reopen this or do we need to open a new issue and reference this? |
|
Same issue happens on v0.107.28 |
|
Still an issue |
|
Is there a fix or workarround for this? |
|
I ran into this issue today while dealing with a prolonged ISP outage. I did a bit of testing and realized that if a low volume of DNS requests hit AGH, it worked as intended, so as suggested above, I set edit: I left this comment as I believe there could be some optimization here, so that |
|
For me this error still exists: Version: v0.107.32 What could we do? |
|
In my case, AGH does not even start if internet is down. I'm running it on opnsense. If there's a power outage, it's possible the router reboots while Internet is still not available, in this case, adguard does not even come up, which is quite annoying. Is that a separate issue? |
Same here! And it's a really big trouble when internet goes down and you can't resolve local dns, I've ADGuard v0.107.36 in Docker and I've max_goroutines: 0 in AdGuardHome.yaml but nothing goes when I'm offline |
|
So far I have been using Unbound as upstream DNS on AGH and that solved two problems:
I have not tested this thoroughly to be fair, but everything looked good the last 2 times I had Internet down on the ISP side. |
So you use ubound with AGH as DNS, do you mean like https://dev.to/cipherops/how-to-use-unbound-with-adguard-home-1o5n or what? |
|
I mean configure upstream DNS like here: https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#upstreams I run unbound on port 5353 on the same machine, and I configured 127.0.0.1:5353 as upstream DNS for AGH simply. |
and about config? |
|
Just to be clear: running a local unbound instance as an upstream for AGH is a workaround for the issue, but should definitely not be considered a fix. |
|
@norgan can you please reopen this issue? |
|
Yes, this is not fixed, after a lot of testing, I do now use Opensense as dns and connect to adguard as the upstream DNS Server. A bad workaround, but I don't want to get my internal network and IOT systems go down on short internet outage. I think this should have high priority, because it seems like an kritical issue. A missing internet connection should never cause an internal dns overwrite to be not delivered correctly. |
|
Please reopen this. I want to use my local server when internet is down. |
|
The solution/workaround in this comment works:
Basically you're whitelisting your own domains from any blocklist. Your DNS rewrites that match the exclusion will then resolve even without an internet connection. |
That's definitely a workaround, not a solution :) |
and others
Docker
dns over tls and https for upstream, half a dozen local rewrites
Raspi 4
Raspbian 64bit
Expected Behavior
Like a real DNs server, queries should be delivered from local zones and cached lookups, even when upstream servers are down.
Actual Behavior
All DNS queries fail and clients panic
Screenshots
Screenshot:
Additional Information
The text was updated successfully, but these errors were encountered: