Local DNS zones and cached responses aren't served after the network lost #4825
Comments
Please, take a look at this, @handcoding, @conradseba, @abdalians, @s1lviu, @dinosoup1. I've mentioned you since you've reported the issue to the #2657. Could you please also help us with the investigation? Thanks. |
Same issue here since ever. My setup is: I really hope this is solved soon, since I'm suffering from this many times a day everyday (my Vodafone provider is the worst I've ever had). Thank you!! |
@EugeneOne1 we just need the debug logs, right? |
@conradseba if your wan drop frequency is that bad, could you please capture the logs as requested in the other ticket? Save me from taking down the network for log capture. :) |
@abdalians, that's right, we call it "verbose". |
Apologies for the delay in this. I am finally in this broken state again and I am trying to collect as much information as I can; will post shortly. |
To reiterate the point, this only happens when my primary internet (cable) fails over to secondary internet (DSL). Please see investigation file attached.
Until the time that the primary internet connection is restored, then enabling the AdGuard Parental Control web service / AdGuard Browsing Security web services makes AdGuard work again. |
@EugeneOne1 I haven’t personally run into this issue since the fix for #4317 landed on the main trunk. (But that’s just me.) |
Aha! I have the same issue and I posted about it just now: What is the progress for this? My unifi network uses the FQDN of my unifi controller. When my Internet connection drops (it just did two days ago and it was out for 45 freaking hours!), I lose control over my local network because of AGH! |
@EugeneOne1 do you need more information? The ticket still says needs investigation and needs to be reproduced reliably. I can reproduce this every single time without failure. Also the milestones were set to 107.16 which is out now. Does that mean we have a potential fix? |
Version: |
Version: |
Any updates on the matter? |
Still a problem Version: v0.107.52 |
Can confirm as well, even the suggested fixes do not work for me |
OS Type: GLi-Net 4.6.8 / LuCI openwrt-21.02 Can confirm as well... Issue arose after upgrading to v0.107.52. Turning off AdGuard restores local LAN name resolution, and turning it back on again breaks it. |
This workaround doesn't work for me on v0.107.54 (running in Docker on x86 machine):
|
This is my configuration and it goes when the connection goes offline. I've a 192.168.0.x LAN and my router 192.168.0.1 gives me static DNS for LAN devices: https://github.com/RedFoxy/HA-MyConf/blob/main/AdGuardHome/AdGuardHome.yaml I hope that can help you. |
What? |
With my configuration I can access the DNS of the local names provided by the gateway and ADGuard's DNS cache, also when the internet becomes available again ADGuard comes back to work completely without any problems |
Right. So do you know which specific setting in your config is fixing this? |
Simply, in my configuration I planned to have a separate DNS server for the LAN; in my case it is a service provided by my gateway with IP 192.168.0.1, which would act as a cache and DNS for the local static DNS. So in “Settings -> DNS settings”, under “Upstream DNS servers”, I added the rules for which the gateway DNS server should be used:
[/.local/]192.168.0.1
Basically, for all DNS requests that end in .local or .mydomain.com, instead of ADGuard responding, the DNS server 192.168.0.1 is queried. On the same page I activated the item “Use private reverse DNS resolvers”. After that, under “Filters -> Custom filtering rules”, just in case, I added the local domains not to be blocked:
@@||local^
Doing so solved the problem of internet drops and AdGuard Home not responding once the internet came back. |
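The per-domain upstream rule from the comment above, as an added example that is not part of the thread and not AdGuard Home's code: a simplified Python model of how a `[/domain/]server` rule selects an upstream, and which names still have a reachable resolver when the WAN is down. The sample list, the external address 203.0.113.53, the /24 LAN, the leading-dot handling and all function names are assumptions of this model; it does not model AdGuard Home's cache or rewrites.

```python
import ipaddress

# Constructed sample of an "Upstream DNS servers" list: one per-domain rule
# for the gateway resolver, one default external resolver (documentation IP).
UPSTREAMS = """
[/local/mydomain.com/]192.168.0.1
203.0.113.53
"""
LAN = ipaddress.ip_network("192.168.0.0/24")  # assumed from "192.168.0.x LAN"

def parse_upstreams(text):
    """Return ({domain: server}, [default servers]) from the list text."""
    scoped, defaults = {}, []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[/") and "/]" in line:
            domains, _, server = line[2:].partition("/]")
            for d in domains.split("/"):
                d = d.strip().lstrip(".").lower()  # model ignores a leading dot
                if d:
                    scoped[d] = server.strip()
        else:
            defaults.append(line)
    return scoped, defaults

def pick_upstreams(name, scoped, defaults):
    """Most specific matching domain suffix wins; otherwise the defaults."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in scoped:
            return [scoped[suffix]]
    return list(defaults)

def on_lan(server):
    """True only for a bare IP inside LAN; URLs and hostnames count as off-LAN."""
    try:
        return ipaddress.ip_address(server) in LAN
    except ValueError:
        return False

def reachable_without_wan(name, scoped, defaults):
    """Does this name still have an upstream that needs no internet link?"""
    return any(on_lan(s) for s in pick_upstreams(name, scoped, defaults))

if __name__ == "__main__":
    scoped, defaults = parse_upstreams(UPSTREAMS)
    for n in ("frigate.pve.local", "frigate.mydomain.com", "example.org"):
        print(n, pick_upstreams(n, scoped, defaults), reachable_without_wan(n, scoped, defaults))
```

Names routed to 192.168.0.1 keep an upstream during a WAN outage only while that gateway resolver itself is up, which is the dependency the replies below argue about.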
While I suppose that is a workaround, it also doesn't make any sense. Adguard home is supposed to function as a caching DNS server. What you've done is add another DNS server to your network. What this issue is about is the fact that you shouldn't need another DNS server because adguard home should fill that role. |
But his configuration is expected if your upstream device is a firewall router like pfsense/opnsense. These have unbound in them and you point AGH to that as it is also the DHCP server of the network. This is a supported config. @RedFoxy , I have the same config as you do, at least for the DNS servers part. But why do you still have .local there? I only have my local domain listed there. Also, why the need to put them in the whitelist? This part is what I don't have. |
I have to strongly disagree with this. If you are running a DNS server on your router, then you should be doing ad filtering at that level as well. Adding extra DNS servers along the way just slows down DNS lookups and adds extra points of failure and extra complication. |
I get your point but that latency is negligible for a home network. To be fair, I have AGH installed on my opnsense router itself and is pointed to itself (localhost), and I get an average processing time of 6ms. |
But you were still adding ridiculous unnecessary extra complication. Just point the adguard instance at the real upstream DNS server, instead of adding another one in the middle. If you're trying to pretend that this is a workaround for this bug, you might as well say just don't use adguard, because the whole point to this bug is that adguard doesn't work if it can't access an upstream server. When you add an extra upstream server within your own house, all you've done is move the bug one more layer. You'll still have the exact same issue if that server within your house goes down. |
Maybe I confused you for a moment, DHCP is handled by my gateway (a Mikrotik) and among other services it provides, it also has a DNS server for all my local .local names like pve.local or frigate.pve.local, but also to override the names of my external domain mydomain.com, this is because if I go to frigate.mydomain.com with my cell phone and I am connected to WiFi at home he resolves it as 192.168.0.10 if I am away from home he resolves it with my external ip. In the local network I do NOT directly use any DNS server other than AdGuard Home, while ADG uses my gateway as upstream, so when I ask frigate.pve.local to resolve me I ask ADG which in turn asks the gateway. Why do I do this? I realized that ADG when it does not reach the external DNS it crashes and does not always come back to work when the external DNS becomes available again, if I provide it with an always working DNS, such as my gateway's DNS, it never crashes and always resolves my local DNS and the ones it has cached. |
I completely understand what you mean, but unfortunately I have an unstable line and internet drops easily every time it rains, even for a few seconds, the fact that ADG would always crash forcing me to restart its service in order to surf take advantage of the network again, I preferred to use this system, I don't feel all this lag in the resolution and since I use it I don't have network problems anymore, while before I was very tempted to uninstall ADG |
But then why are you commenting on this bug, if your whole point is to just not use adguard because your line is unstable? |
I use EVERYTIME ADGuard! Why do you say that I don't use ADG? The trouble is when the internet goes offline and ADG doesn't go! But with that workaround you'll continue to use ADG when you are offline or when you switch from land cable to mobile hotspot etc... |
No, you specifically stated that you do not use adguard, you only use adguard as a relay to your other DNS server. This bug is about those of us who are trying to use adguard as a DNS server. |
Where did I say this? I said I use ADGuard as my only DNS, the upstream DNS that ADGuard uses when it doesn't know what to resolve is my gateway where google and cloudflare DNS are also set, but all my queries go through ADG first! Devices -> DNS Request -> ADG -> Gateway -> Other external DNS |
Exactly, you are not using adguard as a DNS, you are using adguard simply as a relay to your real DNS server that is on your router. |
Excuse me, my wrong, but ADG doesn't need an external DNS to resolve names? |
The key word here is external. And external depends on the internet. We are looking to allow adguard to serve local DNS without an internet connection. That's the whole bug. Adguard currently refuses to serve local DNS when it cannot access an external DNS server. That's wrong. It should be able to do so. This whole thing doesn't apply to your situation because you don't have adguard pointing to an external DNS. And you don't have it trying to serve local DNS at all, you have your other DNS server serving local DNS. Adguard is a DNS server, and as such should not require an upstream resolver to resolve addresses it already knows, in this case local ones. |
I used to have local dns on ADG but the fact that it doesn't work when the internet goes down was blocking me too much. I'm sorry to have bothered you |
I point it to my own dns server because I want to use my own DNS resolver. Nothing is complicated with that. We're all here for tinkering with things. If you don't want that setup, good for you. This is just like the question of virtualizing your router. There's always two sides in a coin. And mind you, I still have this bug even if my setup is the same as RedFoxy's. |
For me, I do have AGH pointed to my router's DNS AND external DNS servers. So for local records, it queries my unbound DNS server. Again, nothing wrong with that. And I don't know why you consider that "ridiculously complicated". It isn't. It's so simple. |
While I understand @kevindd992002’s point I agree with @RedFoxy — local name resolution is a job of a DNS server — which is what AGH is. It should work independently of the WAN connection and there’s no reason it shouldn’t do DNS rewrites without an upstream server. |
You mean you agree with @ve6rah? Just to be clear, I think we're saying the same thing here. My setup is like so: Client -> AGH -> Unbound in opnsense (which is also my Internet gateway) I agree with you that AGH should be able to resolve local DNS entries even if the WAN connection is down. That's the whole point of this bug. It should still be able to use the upstream servers that are in its local subnet, or as long as it has a route to wherever those upstream DNS servers are. Regardless of the difference in setup here, we all are pointing to the same bug. AGH's cache and upstream servers (except external servers) should work even if the WAN connection goes down. |
Yes, I meant @ve6rah and yes, I think regardless of the upstream dns chosen, AGH should work independently of the internet connection 👍 I just thought it was important to clarify this :) Thanks! |
When that bug is fixed I'll remove my gateway DNS server... I have it only to be able to use my DNS when I'm offline! |
Prerequisites
I have checked the Wiki and Discussions and found no answer
I have searched other issues and found no duplicates
I want to report a bug and not ask a question
Operating system type
Linux, Other (please mention the version in the description)
CPU architecture
64-bit ARM
Installation
Docker
Setup
On one machine
AdGuard Home version
v0.107.9
Description
This is a continuation of the thread started in #2657. The problem's first occurrence was in v0.104.3 and has already been fixed a couple of times but is still reported. We can't reproduce the issue on our machines. If you've faced it, please consider providing the following information:
The last two pieces of information (optionally anonymized) could be sent to devteam@adguard.com with this issue's number in the subject.