AdGuard Home v0.107.42 not working correctly with keepalived / virtual IP

[nohn]

Prerequisites

• [X] I have checked the Wiki and Discussions and found no answer

• [X] I have searched other issues and found no duplicates

• [X] I want to report a bug and not ask a question or ask for help

• [X] I have set up AdGuard Home correctly and configured clients to use it. (Use the Discussions for help with installing and configuring clients.)

Platform (OS and CPU architecture)

Linux, AMD64 (aka x86_64)

Installation

GitHub releases or script from README

Setup

Other (please mention in the description)

AdGuard Home version

v0.107.42

Action

I'm running two AdGuardHome instances in a high availability setup using keepalived and virtual IP.

Expected result

AdGuardHome responds to DNS requests on both host and virtual IP.

Actual result

Up until v0.107.41 this worked fine. After upgrading to v0.107.42, DNS does not respond on the virtual IP, only on the host IP. The web interface works on all IPs. Downgrading to v0.107.41 immediately fixes this issue.

Additional information and/or screenshots

No response

[Hippo240]

I have a similar issue, after updating to v0.107.42 (Adguard Home in Ubuntu 20.04 in WSL2 in Win11) adguard appears to only bind to one IP address (not the same one as before the update). Changed my config from bind: 0.0.0.0 to use {primary IP} and 127.0.0.1 and its working again.

dns:
  bind_hosts:
    - {primary IP}
    - 127.0.0.1

[Magelo]

I have a similar setup. AdGuardHome running in a Proxmox LXC container for my primary DNS with keepalived and the secondary is running on a raspberry pi. v0.107.42 was not working at all, I lost all DNS resolution. I had downgrade too to v.107.41. Now it's working again.

[oekomat]

I have the same problem...no dns forwarding on v0.107.42. Runs in docker on unraid

[ardel]

I have the same problem. UDP responses do not reach the client. TCP responses are ok. Docker virtual IP in Synology

$ dig +short dns.google @192.168.1.12
;; connection timed out; no servers could be reached

$ dig +short +tcp dns.google @192.168.1.12
8.8.8.8
8.8.4.4

[0berkampf]

I have a similar issue, after updating to v0.107.42 (Adguard Home in Ubuntu 20.04 in WSL2 in Win11) adguard appears to only bind to one IP address (not the same one as before the update). Changed my config from bind: 0.0.0.0 to use {primary IP} and 127.0.0.1 and its working again.

dns:
  bind_hosts:
    - {primary IP}
    - 127.0.0.1

Thx, it works for me!

[ardel]

I have the same problem. UDP responses do not reach the client. TCP responses are ok. Docker virtual IP in Synology

$ dig +short dns.google @192.168.1.12
;; connection timed out; no servers could be reached

$ dig +short +tcp dns.google @192.168.1.12
8.8.8.8
8.8.4.4

After editing the bind_hosts and adding 192.168.1.12 it works fine

[phoenixtechnam]

This is a nasty bug which took me a while to figure out. I am running AGH in docker on an Unraid server with keepalived and a raspberry pi as backup. After routinely updating to v0.107.42 all DNS requests failed. Hard-coding the IP adresses as suggested above works, but is not an option for me since AGH Master and AGH Backup are sharing/syncing the same AGH configuration file. Rolling back to v0.107.41 seems to be the best option for now.

[0berkampf]

How do you proceed to downgrade, I was not able to find a detailed procedure?

[phoenixtechnam]

How do you proceed to downgrade, I was not able to find a detailed procedure?

in docker, instead of adguard/adguardhome or adguard/adguardhome:latest you can pull adguard/adguardhome:v0.107.41

[ainar-g]

@nohn, hello. A few questions to clarify:

• Have you inspected AdGuard Home's logs? Do you see any errors there?

• What value of dns.bind_hosts are you using?

• Does TCP resolution work?

• You haven't mentioned it in the description, but just to be safe, are you running AdGuard Home in Docker/VM?

[ardel]

The new version in Docker cannot connect to the upstreams using HTTP/3, which is based on UDP. My config contains use_http3_upstreams: true When I specify the upstream as h3: then it fails testing. The same address with https works.

Not sure whether it's the same issue.

[ainar-g]

We've released a fix to a similar issue in version v0.108.0-a.788+7b5cce51 on the Edge channel. Can anyone affected by this one check?

[nohn]

We've released a fix to a similar issue in version v0.108.0-a.788+7b5cce51 on the Edge channel. Can anyone affected by this one check?

I can. However, I'm running the binary distribution and the latest available release is v0.108.0-b.51

[Zoey2936]

We've released a fix to a similar issue in version v0.108.0-a.788+7b5cce51 on the Edge channel. Can anyone affected by this one check?

I've pulled the adguard/adguardhome:edge and now plain DNS over UDP works again for me

[ainar-g]

@nohn, releases on the Edge channels are basically daily builds and are not uploaded to GitHub. We have the links to all release channels on the Platforms page on the Wiki.

[nohn]

I can confirm the fix with v0.108.0-a.788+7b5cce51 on Linux in a keepalived setup with floating IPs.

[ainar-g]

Great, thanks for testing. We'll release a fix next week then.

Edit: The fix was committed as part of #6510.

[x86txt]

The latest upgrade broke this for me too. So nice to see such a super-fast response ... and that I'm not the only geek running a keepalived setup with AGH!

[EugeneOne1]

For those who have been following this issue, we've just released the v0.107.43 with the fix.

[msalmon4]

issue resolved here as well now with v.0.107.42. Thanks!

[ItsRaaaw]

Hi all, I have the same problem of the author of that post.

I have the AdGuard Home MASTER running on a Ubuntu 22.04 CT in Proxmox and the BACKUP one is running on a standalone mini PC with Ubuntu server 22.04. I'm using keepalived for high availability and adguardhome-sync to sync the two AGH instances. Also, I have OPNsense as FW/router and a TP-Link Omada ecosystem with switches and APs.

Everything is working fine, I can access both webUI, the sync is working and if I try to enter the VIP created with keepalived I get redirected to the webUI of the AGH configured as MASTER. If in OPNsense I use the real IP of the MASTER AGH in the DHCP server settings everything works and all my devices have access to the internet, but as soon as I change the DNS IP to the virtual one, nothing works anymore and devices have no internet.

Reading the comments I saw that this was a bug of v0.107.42, solved in v0.107.43 I'm actually running the latest version (v0.107.53) So, do you know if this problem came back? Has anyone had the same problem recently?

I don't consider myself an expert. I'm doing some experiments to improve my home network and actually, this is my first experience with high availability and sync between servers. So feel free to tell me if I'm doing something wrong or if I can improve something.

Hope someone can help. Thanks