Open Peterzhangnoise opened 1 year ago
I tried updating to the latest beta version, but this problem still exists.
Hello. If I understand correctly, the problem is in the difference between `Server: OpenWrt` and `Server: UnKnown`? If so, that is most likely caused by `nslookup` using a different source address. AdGuard Home responds with an `NXDOMAIN` if it detects that the request is coming from a non-private-use network.

You can test that by using a better DNS lookup tool, `dig`. For example, using PowerShell:

```
dig IN A -b '172.16.0.3' 'portal.cloudpeter.com' '@172.16.0.2'
dig IN A -b '1.2.3.4' 'portal.cloudpeter.com' '@172.16.0.2'
```

Where `172.16.0.3` is the address of your machine inside your network and `1.2.3.4` is any sort of external IP address the machine can have.
172.16.0.4 is my host address; 172.16.0.3 is the address of another host inside my network.
```
C:\Users\Administrator\Downloads\BIND9.16.30.x64>dig IN A -b 172.16.0.4 'portal.cloudpeter.com' '@172.16.0.2'

; <<>> DiG 9.16.30 <<>> IN A -b 172.16.0.4 'portal.cloudpeter.com' '@172.16.0.2'
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62433
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;'portal.cloudpeter.com'. IN A

;; AUTHORITY SECTION:
'portal.cloudpeter.com'. 60 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023032903 1800 900 604800 86400

;; Query time: 562 msec
;; SERVER: 172.16.0.2#53(172.16.0.2)
;; WHEN: Thu Mar 30 11:37:29
;; MSG SIZE rcvd: 128

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17694
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;'\@172.16.0.2'. IN A

;; AUTHORITY SECTION:
'\@172.16.0.2'. 60 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023032903 1800 900 604800 86400

;; Query time: 582 msec
;; SERVER: 172.16.0.2#53(172.16.0.2)
;; WHEN: Thu Mar 30 11:37:30
;; MSG SIZE rcvd: 118

C:\Users\Administrator\Downloads\BIND9.16.30.x64>dig IN A -b 172.16.0.3 'portal.cloudpeter.com' '@172.16.0.2'
dig: isc_socket_bind: address not available

C:\Users\Administrator\Downloads\BIND9.16.30.x64>dig IN A -b 1.2.3.4 'portal.cloudpeter.com' '@172.16.0.2'
dig: isc_socket_bind: address not available
```
I also used Wireshark to capture packets from a Windows computer on the inside network.
It is weird then. Did you set the value of `dns.private_networks` to something other than an empty array (which tells AGH to use the default private networks)?

Also, please configure AGH to save verbose logs and see if you can find a message similar to:

```
dnsforward: "1.2.3.4:567" requests an internal ip
```

(With some other IP address.)
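The check described in the two replies above, as an added example that is not part of the original thread and is not AdGuard Home's own code: a simplified Python model of answering `NXDOMAIN` to a PTR query for a private address when the client is outside the private networks, plus a scan of verbose-log text for the `requests an internal ip` message. Assumptions: Python's `is_private` stands in for the default private networks, the function names and return labels are hypothetical, and the sample log lines (timestamps, level, IPv6 client) are constructed.

```python
import ipaddress
import re

# Constructed sample log; only the quoted message text comes from the thread.
SAMPLE_LOG = """\
2023/03/30 11:37:29 [debug] dnsforward: "1.2.3.4:567" requests an internal ip
2023/03/30 11:37:30 [debug] unrelated constructed line
2023/03/30 11:37:31 [debug] dnsforward: "[2001:db8::1]:5353" requests an internal ip
"""

MSG_RE = re.compile(r'dnsforward: "([^"]+)" requests an internal ip')


def ptr_name_to_ip(name):
    """'2.0.16.172.in-addr.arpa' -> IPv4Address('172.16.0.2'); None if not an IPv4 PTR name."""
    labels = name.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ipaddress.AddressValueError:
        return None


def expected_answer(client_ip, ptr_name):
    """Simplified model; labels are hypothetical. Assumption: is_private
    approximates the default private networks."""
    target = ptr_name_to_ip(ptr_name)
    if target is None or not target.is_private:
        return "FORWARD_UPSTREAM"      # not a PTR for a private address
    if ipaddress.ip_address(client_ip).is_private:
        return "PRIVATE_RDNS"          # answered via private reverse DNS servers
    return "NXDOMAIN"                  # external client asking about an internal IP


def clients_flagged(log_text):
    """Client IPs (port stripped) from 'requests an internal ip' log lines."""
    hosts = []
    for match in MSG_RE.finditer(log_text):
        host, _, _port = match.group(1).rpartition(":")
        hosts.append(str(ipaddress.ip_address(host.strip("[]"))))
    return hosts


if __name__ == "__main__":
    for client in ("172.16.0.3", "1.2.3.4"):
        print(client, expected_answer(client, "2.0.16.172.in-addr.arpa"))
    print(clients_flagged(SAMPLE_LOG))
```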
`dns.private_networks` is set to empty, and there is no message like `dnsforward: "1.2.3.4:567" requests an internal ip` in the verbose log.
There seem to be no `PTR` requests in those logs at all. What does `nslookup -debug portal.cloudpeter.com` show for the DNS server if you don't use an explicit DNS server? And how is DNS set up on the Windows machine generally? Are there any addresses other than the address of AdGuard Home?
```
Got answer:
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 1, authority records = 0, additional = 0

    QUESTIONS:
        5.5.5.223.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  5.5.5.223.in-addr.arpa
        name = public1.alidns.com
        ttl = 1046 (17 mins 26 secs)

服务器: public1.alidns.com
Address: 223.5.5.5

Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 1, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = A, class = IN
    AUTHORITY RECORDS:
    ->  cloudpeter.com
        ttl = 600 (10 mins)
        primary name server = cora.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial = 2305561930
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry = 2400 (40 mins)
        expire = 604800 (7 days)
        default TTL = 3600 (1 hour)

Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NXDOMAIN
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 1, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  cloudpeter.com
        ttl = 600 (10 mins)
        primary name server = cora.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial = 2305561930
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry = 2400 (40 mins)
        expire = 604800 (7 days)
        default TTL = 3600 (1 hour)

Got answer:
    HEADER:
        opcode = QUERY, id = 4, rcode = NXDOMAIN
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 1, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = A, class = IN
    AUTHORITY RECORDS:
    ->  cloudpeter.com
        ttl = 600 (10 mins)
        primary name server = cora.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial = 2305561930
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry = 2400 (40 mins)
        expire = 604800 (7 days)
        default TTL = 3600 (1 hour)

Got answer:
    HEADER:
        opcode = QUERY, id = 5, rcode = NXDOMAIN
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 1, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  cloudpeter.com
        ttl = 600 (10 mins)
        primary name server = cora.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial = 2305561930
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry = 2400 (40 mins)
        expire = 604800 (7 days)
        default TTL = 3600 (1 hour)

*** public1.alidns.com 找不到 portal.cloudpeter.com: Non-existent domain
```
```
Got answer:
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 1, authority records = 0, additional = 0

    QUESTIONS:
        2.0.16.172.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  2.0.16.172.in-addr.arpa
        name = OpenWrt
        ttl = 30 (30 secs)

服务器: OpenWrt
Address: 172.16.0.2

Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 1, authority records = 0, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = A, class = IN
    ANSWERS:
    ->  portal.cloudpeter.com
        internet address = 172.16.0.6
        ttl = 10 (10 secs)

Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 0, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = AAAA, class = IN

名称: portal.cloudpeter.com
Address: 172.16.0.6
```
```
Got answer:
    HEADER:
        opcode = QUERY, id = 1, rcode = NXDOMAIN
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 1, additional = 0

    QUESTIONS:
        2.0.16.172.in-addr.arpa, type = PTR, class = IN
    AUTHORITY RECORDS:
    ->  2.0.16.172.in-addr.arpa
        ttl = 10 (10 secs)
        primary name server = fake-for-negative-caching.adguard.com
        responsible mail addr = hostmaster.2.0.16.172.in-addr.arpa
        serial = 100500
        refresh = 1800 (30 mins)
        retry = 900 (15 mins)
        expire = 604800 (7 days)
        default TTL = 86400 (1 day)

服务器: UnKnown
Address: 172.16.0.2

Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 1, authority records = 0, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = A, class = IN
    ANSWERS:
    ->  portal.cloudpeter.com
        internet address = 172.16.0.6
        ttl = 10 (10 secs)

Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags: response, want recursion, recursion avail.
        questions = 1, answers = 0, authority records = 0, additional = 0

    QUESTIONS:
        portal.cloudpeter.com, type = AAAA, class = IN

名称: portal.cloudpeter.com
Address: 172.16.0.6
```
On Windows, DNS is issued by DHCP, which is set to 172.16.0.2. This address, 172.16.0.2, is the address of AdGuard Home.

There are two DNS servers on Windows, one primary and one standby. I set both to 172.16.0.2.
Prerequisites
[X] I have checked the Wiki and Discussions and found no answer
[X] I have searched other issues and found no duplicates
[x] I want to report a bug and not ask a question
Operating system type
Linux, OpenWrt
CPU architecture
x86
Installation
GitHub releases or script from README
Setup
On a router, DHCP is handled by the router
AdGuard Home version
v0.107.26
Description
What did you do?
I set the smartdns address under "Private reverse DNS servers" and enabled "Use private reverse DNS resolvers".
Expected result
Every nslookup run shows the server name.
Actual result
The first nslookup shows the server name correctly; the second nslookup does not and shows UnKnown.
Screenshots (if applicable)
Here is my nslookup output with the debug option.
Additional information
Overall architecture: User udp_port:53 -> adguardhome -> smartdns