AdguardTeam / AdGuardHome

Network-wide ads & trackers blocking DNS server
https://adguard.com/adguard-home/overview.html
GNU General Public License v3.0
25.79k stars 1.85k forks source link

Binding IPv6 not working correctly on Windows 11 #4593

Closed ZTHawk closed 2 years ago

ZTHawk commented 2 years ago

Issue Details

I have setup Adguard Home on a MiniPC to listen on all devices. Binding works. When doing a check via nslookup \<URL> \<MiniPC IPv4> it works fine. When doing a check via nslookup \<URL> \<MiniPC IPv6> I get a timeout.

MiniPC has one main IPv6 and several temporary. Using main IPv6 does not work. Only the last temporary in the list (ipconfig /all) works. All other have a timeout.

Changing config "bind_host" from "0.0.0.0" to explicit IPs:

then everything is working fine.

Info

Expected Behavior

IPv6 working correctly

Actual Behavior

Only working with temporary IPv6.

ainar-g commented 2 years ago

Hello and thank you for the report. Does it work if you put both 0.0.0.0 and :: into dns.bind_hosts?

ZTHawk commented 2 years ago

Just a small update: It is not the last temporary but one of them.

I tried to add "::" to dns.bind_hosts but I get this error:

[error] parsing configuration file: yaml: unmarshal errors:
line 16: cannot unmarshal !!map into net.IP

Defining a specific IPv6 does work. So my config is:

dns:
  bind_hosts:
  - 0.0.0.0
  - <MiniPC IPv6>

This config works with:

  1. IPv4
  2. IPv4 loopback (when executing on the MiniPC)
  3. IPv6 loopback (when executing on the MiniPC)
  4. MiniPC IPv6
  5. temporary IPv6 that worked with the default config

Btw: When I define the \<MiniPC IPv4> instead of 0.0.0.0 then step 2. does not work.

ainar-g commented 2 years ago

@ZTHawk, it's a YAML file, so :: should be in quotes, like this: '::'.

ZTHawk commented 2 years ago

Ah ok, I have tried [::] and \[::\] but that did not work. That worked but I get a new error. Here is the complete log:

2022/05/25 17:51:13.699483 [info] AdGuard Home, version v0.107.6
2022/05/25 17:51:13.921319 [info] Initializing auth module: <InstallPath>\data\sessions.db
2022/05/25 17:51:13.923018 [info] auth: initialized.  users:1  sessions:5
2022/05/25 17:51:13.923741 [info] Initialize web module
2022/05/25 17:51:14.445206 [info] AdGuard Home is available at the following addresses:
2022/05/25 17:51:14.596078 [info] Go to http://<MiniPC IPv6>:80
2022/05/25 17:51:14.596078 [info] Go to http://<MiniPC temporary IPv6>:80
2022/05/25 17:51:14.597456 [info] Go to http://<MiniPC IPv4>:80
2022/05/25 17:51:14.597456 [info] Go to http://<IPv4 of VirtualBox Adapter (different range)>:80
2022/05/25 17:51:14.598077 [info] Go to http://[::1]:80
2022/05/25 17:51:14.598077 [info] Go to http://127.0.0.1:80
2022/05/25 17:51:16.572941 [info] Starting the DNS proxy server
2022/05/25 17:51:16.572941 [info] Ratelimit is enabled and set to 50 rps
2022/05/25 17:51:16.573916 [info] The server is configured to refuse ANY requests
2022/05/25 17:51:16.573916 [info] DNS cache is enabled
2022/05/25 17:51:16.573916 [info] MaxGoroutines is set to 300
2022/05/25 17:51:16.574889 [info] Creating the UDP server socket
2022/05/25 17:51:16.575400 [info] Listening to udp://[::]:53
2022/05/25 17:51:16.575400 [info] Creating the UDP server socket
2022/05/25 17:51:16.605397 [fatal] couldn't start forwarding DNS server: listening to udp socket: listen udp [::]:53: bind: Normalerweise darf jede Socketadresse (Protokoll, Netzwerkadresse oder Anschluss) nur jeweils einmal verwendet werden.

Btw: Full IPv6 (\<MiniPC IPv6>) does not require any quotes. Is that normal? I am not that familiar with YAML.#

Edit: No other application is using port 53. (netstat -a -b)

ainar-g commented 2 years ago

I see, thanks. We'll investigate further.

ainar-g commented 2 years ago

@ZTHawk, apologies for the long silence. Does the issue still persist in the latest versions? Also, are you sure that no other service is listening on port 53? Thanks.

ZTHawk commented 2 years ago

Updated to latest version (0.107.12).

There is no other application listening on port 53. Tested with netstat -a -b

When using this config (extract):

dns:
  bind_hosts:
    - 0.0.0.0
    - '::'

I get this error log:

2022/09/08 08:21:53.063231 [info] AdGuard Home, version v0.107.12
2022/09/08 08:21:53.186364 [info] Initializing auth module: <InstallPath>\data\sessions.db
2022/09/08 08:21:53.188445 [info] auth: initialized.  users:1  sessions:2
2022/09/08 08:21:53.189863 [info] number of certs - 1
2022/09/08 08:21:53.283503 [info] Initialize web module
2022/09/08 08:21:56.039409 [info] DNS cache is enabled
2022/09/08 08:21:56.039409 [info] MaxGoroutines is set to 300
2022/09/08 08:21:56.188224 [info] AdGuard Home is available at the following addresses:
2022/09/08 08:21:56.190183 [info] Go to https://<MiniPC name>:8443
2022/09/08 08:21:56.292275 [info] Go to http://<MiniPC IPv6>:8080
2022/09/08 08:21:56.293259 [info] Go to http://<MiniPC temporary IPv6 #1>:8080
2022/09/08 08:21:56.295708 [info] Go to http://<MiniPC temporary IPv6 #2>:8080
2022/09/08 08:21:56.296519 [info] Go to http://<MiniPC temporary IPv6 #3>:8080
2022/09/08 08:21:56.297616 [info] Go to http://<MiniPC temporary IPv6 #4>:8080
2022/09/08 08:21:56.298719 [info] Go to http://<MiniPC temporary IPv6 #5>:8080
2022/09/08 08:21:56.299470 [info] Go to http://<MiniPC temporary IPv6 #6>:8080
2022/09/08 08:21:56.300482 [info] Go to http://<MiniPC temporary IPv6 #7>:8080
2022/09/08 08:21:56.301830 [info] Go to http://<MiniPC IPv4>:8080
2022/09/08 08:21:56.303104 [info] Go to http://<IPv4 of VirtualBox Adapter (different range)>:8080
2022/09/08 08:21:56.314196 [info] Go to http://[::1]:8080
2022/09/08 08:21:56.314196 [info] Go to http://127.0.0.1:8080
2022/09/08 08:21:57.771882 [info] Starting the DNS proxy server
2022/09/08 08:21:57.772855 [info] Ratelimit is enabled and set to 50 rps
2022/09/08 08:21:57.774803 [info] The server is configured to refuse ANY requests
2022/09/08 08:21:57.774803 [info] DNS cache is enabled
2022/09/08 08:21:57.775778 [info] MaxGoroutines is set to 300
2022/09/08 08:21:57.776785 [info] Creating the UDP server socket
2022/09/08 08:21:57.778507 [info] Listening to udp://[::]:53
2022/09/08 08:21:57.778507 [info] Creating the UDP server socket
2022/09/08 08:21:57.799680 [fatal] couldn't start forwarding DNS server: listening to udp socket: listen udp [::]:53: bind: Normalerweise darf jede Socketadresse (Protokoll, Netzwerkadresse oder Anschluss) nur jeweils einmal verwendet werden.

But when using this config (IPv6 without any quotes):

dns:
  bind_hosts:
    - 0.0.0.0
    - <MiniPC IPv6>

I get this log (which is fine):

2022/09/08 08:30:55.014571 [info] AdGuard Home, version v0.107.12
2022/09/08 08:30:55.159142 [info] Initializing auth module: <InstallPath>\data\sessions.db
2022/09/08 08:30:55.167908 [info] auth: initialized.  users:1  sessions:2
2022/09/08 08:30:55.170823 [info] number of certs - 1
2022/09/08 08:30:55.264584 [info] Initialize web module
2022/09/08 08:30:58.421705 [info] DNS cache is enabled
2022/09/08 08:30:58.421808 [info] MaxGoroutines is set to 300
2022/09/08 08:30:58.670930 [info] AdGuard Home is available at the following addresses:
2022/09/08 08:30:58.683589 [info] Go to https://<MiniPC name>:8443
2022/09/08 08:30:58.918889 [info] Go to http://<MiniPC IPv6>:8080
2022/09/08 08:30:58.924058 [info] Go to http://<MiniPC temporary IPv6 #1>:8080
2022/09/08 08:30:58.925572 [info] Go to http://<MiniPC temporary IPv6 #2>:8080
2022/09/08 08:30:58.925572 [info] Go to http://<MiniPC temporary IPv6 #3>:8080
2022/09/08 08:30:58.928491 [info] Go to http://<MiniPC temporary IPv6 #4>:8080
2022/09/08 08:30:58.931789 [info] Go to http://<MiniPC temporary IPv6 #5>:8080
2022/09/08 08:30:58.934459 [info] Go to http://<MiniPC temporary IPv6 #6>:8080
2022/09/08 08:30:58.937701 [info] Go to http://<MiniPC temporary IPv6 #7>:8080
2022/09/08 08:30:58.938285 [info] Go to http://<MiniPC IPv4>:8080
2022/09/08 08:30:58.941541 [info] Go to http://<IPv4 of VirtualBox Adapter (different range)>:8080
2022/09/08 08:30:58.951287 [info] Go to http://[::1]:8080
2022/09/08 08:30:58.954255 [info] Go to http://127.0.0.1:8080
2022/09/08 08:31:01.345421 [info] Starting the DNS proxy server
2022/09/08 08:31:01.350247 [info] Ratelimit is enabled and set to 50 rps
2022/09/08 08:31:01.350409 [info] The server is configured to refuse ANY requests
2022/09/08 08:31:01.354008 [info] DNS cache is enabled
2022/09/08 08:31:01.354298 [info] MaxGoroutines is set to 300
2022/09/08 08:31:01.392008 [info] Creating the UDP server socket
2022/09/08 08:31:01.401136 [info] Listening to udp://[::]:53
2022/09/08 08:31:01.412835 [info] Creating the UDP server socket
2022/09/08 08:31:01.443959 [info] Listening to udp://<MiniPC IPv6>:53
2022/09/08 08:31:01.463425 [info] Creating a TCP server socket
2022/09/08 08:31:01.500838 [info] Listening to tcp://[::]:53
2022/09/08 08:31:01.504855 [info] Creating a TCP server socket
2022/09/08 08:31:01.521406 [info] Listening to tcp://<MiniPC IPv6>:53
2022/09/08 08:31:01.523845 [info] Creating a TLS server socket
2022/09/08 08:31:01.541018 [info] Listening to tls://[::]:853
2022/09/08 08:31:01.544557 [info] Creating a TLS server socket
2022/09/08 08:31:01.582240 [info] Listening to tls://<MiniPC IPv6>:853
2022/09/08 08:31:01.607535 [info] Creating a QUIC listener
2022/09/08 08:31:01.621206 [info] Listening to quic://[::]:784
2022/09/08 08:31:01.625663 [info] Creating a QUIC listener
2022/09/08 08:31:01.642287 [info] Listening to quic://<MiniPC IPv6>:784
2022/09/08 08:31:01.680484 [info] Entering the tls listener loop on <MiniPC IPv6>:853
2022/09/08 08:31:01.688497 [info] Entering the tcp listener loop on [::]:53
2022/09/08 08:31:01.688497 [info] Entering the UDP listener loop on [::]:53
2022/09/08 08:31:01.688497 [info] Entering the UDP listener loop on <MiniPC IPv6>:53
2022/09/08 08:31:01.688497 [info] Entering the DNS-over-QUIC listener loop on [::]:784
2022/09/08 08:31:01.688497 [info] Entering the DNS-over-QUIC listener loop on <MiniPC IPv6>:784
2022/09/08 08:31:01.688497 [info] Entering the tcp listener loop on <MiniPC IPv6>:53
2022/09/08 08:31:01.688497 [info] Entering the tls listener loop on [::]:853

PS: I have not defined any of the <MiniPC temporary IPv6 #...> IPv6 addresses.

EugeneOne1 commented 2 years ago

@ZTHawk, hello again and apologies for the late response. Actually, it seems that specifying both 0.0.0.0 and '::' is redundant because both versions covering both protocols, sorry for confusion. As per the original issue, there is the only working address, so I assume the real issue was with others. Perhaps, those are link-local? FYI, we've added the support for link-local IPv6 addresses in v0.107.17, so could you please try to reproduce it there, or on a newer version (with only a single of 0.0.0.0 and '::')?

ZTHawk commented 2 years ago

Hello. It seems that I was had already in the config just 0.0.0.0 for some time (maybe I changed it and forgot to revert). Never the less IPv6 was working (and is now aswell). I see this as solved.

Maybe it should be noted in the wiki that we cannot use both IPv4 and IPv6 in bind_hosts. Or filter it when loading the config file.

EugeneOne1 commented 2 years ago

@ZTHawk, glad to hear, thanks for the feedback. It's actually described in the wiki already, by the dns.bind_hosts section. I'll close the issue for now, if you don't mind.