When internet drops, Adguard stops serving all DNS requests, including rewrites.

AdguardTeam / AdGuardHome

Network-wide ads & trackers blocking DNS server

https://adguard.com/adguard-home.html

GNU General Public License v3.0

24.92k stars 1.79k forks source link

When internet drops, Adguard stops serving all DNS requests, including rewrites. #2657

Closed norgan closed 2 years ago

norgan commented 3 years ago

Version of AdGuard Home server:
How did you install AdGuard Home: Docker
How did you setup DNS configuration: dns over tls and https for upstream, half a dozen local rewrites
If it's a router or IoT, please write device model: Raspi 4
Operating system and version: Raspbian 64bit

Expected Behavior

Like a real DNs server, queries should be delivered from local zones and cached lookups, even when upstream servers are down.

Actual Behavior

All DNS queries fail and clients panic

Screenshots

Screenshot:

Additional Information

yurividal commented 1 year ago

Is there a fix or workarround for this? My ISP was doing some maintanance yesterday, and i noticed none of my local rewrites were resolving while my LAN was offline. This makes no sense. Local rewrites with private domains and local IP addresses on the LAN should not need internet access in order to resolve.

daygr commented 1 year ago

I ran into this issue today while dealing with a prolonged ISP outage. I did a bit of testing and realized that if a low volume of DNS requests hit AGH, it worked as intended, so as suggested above, I set max_goroutines: 0 in AdGuardHome.yaml. It seems that higher volumes of failed upstream DNS requests slow AGH to the point where rewrites fail to respond.

edit: I left this comment as I believe there could be some optimization here, so that max_goroutines can still be set during normal operation. Perhaps an "outage mode", with a timer similar to the temporary disable button, could be added, which makes AGH stop trying to serve upstream DNS so it doesn't get overloaded.

merlink01 commented 1 year ago

For me this error still exists: Version: v0.107.32 Setting max_goroutines: 0 did not help. Because my home automation is using local DNS this is really critical.

What could we do?

Qhilm commented 1 year ago

In my case, AGH does not even start if internet is down. I'm running it on opnsense. If there's a power outage, it's possible the router reboots while Internet is still not available, in this case, adguard does not even come up, which is quite annoying.

Is that a separate issue?

RedFoxy commented 10 months ago

This is the same issue I have as well. If I go and unplug my modem, for example, I can no longer resolve any DNS entries including those locally served/rewrites.

Same here! And it's a really big trouble when internet goes down and you can't resolve local dns, I've ADGuard v0.107.36 in Docker and I've max_goroutines: 0 in AdGuardHome.yaml but nothing goes when I'm offline

Qhilm commented 10 months ago

So far I have been using Unbound as upstream DNS on AGH and that solved two problems:

AGH not starting if internet is down
AGH not answering DNS queries for local network when internet is down

I have not tested this thoroughly to be fair, but everything looked good the last 2 times I had Internet down on the ISP side.

RedFoxy commented 10 months ago

So far I have been using Unbound as upstream DNS on AGH and that solved two problems:

AGH not starting if internet is down

AGH not answering DNS queries for local network when internet is down

I have not tested this thoroughly to be fair, but everything looked good the last 2 times I had Internet down on the ISP side.

So you use ubound with AGH as DNS, do you mean like https://dev.to/cipherops/how-to-use-unbound-with-adguard-home-1o5n or what?

Qhilm commented 10 months ago

I mean configure upstream DNS like here: https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#upstreams

I run unbound on port 5353 on the same machine, and I configured 127.0.0.1:5353 as upstream DNS for AGH simply.

RedFoxy commented 10 months ago

unbound on port 5353 on the same machine, and I configured 127.0.0.1:5353 as upstream DNS for AGH simply.

and about config?

yurividal commented 10 months ago

Just to be clear: running a local unbound instance as an upstream for AGH is a workaround for the issue, but should definitely not be considered a fix. There is no reason why AGH should be trying to resolve upstream names if it has local rewrites.

yurividal commented 10 months ago

@norgan can you please reopen this issue?

merlink01 commented 10 months ago

Yes, this is not fixed, after a lot of testing, I do now use Opensense as dns and connect to adguard as the upstream DNS Server.

A bad workaround, but I don't want to get my internal network and IOT systems go down on short internet outage.

I think this should have high priority, because it seems like an kritical issue.

A missing internet connection should never cause an internal dns overwrite to be not delivered correctly.

james-1987 commented 10 months ago

Please reopen this. I want to use my local server when internet is down.

mcrapts commented 9 months ago

The solution/workaround in this comment works: https://github.com/AdguardTeam/AdGuardHome/issues/4825#issuecomment-1866318615

My home internet is currently down. Wasn't able to access my network via local DNS. If I disabled AGH protection, local DNS works. My solution was to add @@||mydomain.tld^ to the custom filtering rules. Immediately started resolving again.

Basically you're whitelisting your own domains from any blocklist. Your DNS rewrites that match the exclusion will then resolve even without an internet connection.