AGH trying to download filters over IPv6 even though network doesn't support IPv6

[timkgh]

Prerequisites

• [X] I have checked the Wiki and Discussions and found no answer

• [X] I have searched other issues and found no duplicates

• [X] I want to report a bug and not ask a question or ask for help

• [X] I have set up AdGuard Home correctly and configured clients to use it. (Use the Discussions for help with installing and configuring clients.)

Platform (OS and CPU architecture)

Linux, MIPS LE

Installation

GitHub releases or script from README

Setup

On a router, DHCP is handled by the router

AdGuard Home version

v0.108.0-b.58

Action

Network doesn't support IPv6 but AGH is trying to download the filters from an IPv6 address:

2024/10/13 20:14:03.746275 [error] filtering: updating filter from url "https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt": reading from url: Get "https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt": dial tcp [2606:50c0:8000::153]:443: connect: cannot assign requested address
dial tcp [2606:50c0:8001::153]:443: connect: cannot assign requested address
dial tcp [2606:50c0:8002::153]:443: connect: cannot assign requested address
dial tcp [2606:50c0:8003::153]:443: connect: cannot assign requested address

Expected result

Use IPv4

Actual result

Uses IPv6

Additional information and/or screenshots

No response

[tjharman]

Are you sure the router isn't hiding an IPv6 on you somewhere there?

Have you tried ticking

?

[timkgh]

I already have that box checked. There is no IPv6 on the router, either on the WAN or LAN side, not even the link local addresses. dig google.com aaaa doesn't resolve via AGH, it returns google.com. 10 IN SOA fake-for-negative-caching.adguard.com. hostmaster.google.com. 100500 1800 60 604800 86400

Unless AGH does its own thing for DNS resolution for filters and queries some DNS server directly that I don't know about.

Not sure how it's able to discover 2606:50c0:8000::153 at all. That is a legit IPv6 for adguardteam.github.io. It must be querying one of the upstreams or bootstrap DNS servers directly. Those do resolve AAAA records.

[schzhn]

Before attempting to dial via IPv6, it had already failed with IPv4. See 1, 2.

[timkgh]

Before attempting to dial via IPv6, it had already failed with IPv4. See 1, 2.

But the question remains: what does AGH query to even discover the IPv6 address?

[schzhn]

...pure Go resolver that sends DNS requests directly to the servers listed in /etc/resolv.conf...

From Go documentation.

[timkgh]

Confusing, because /etc/resolv.conf just points to the router itself (192.168.1.1) which is AGH which doesn't resolve IPv6, so no idea how it actually resolves to that IPv6 address.

[schzhn]

Sorry for the misleading answer. AGH resolves the hostname itself using the provided upstreams and then tries all the IP addresses it obtains. https://github.com/AdguardTeam/AdGuardHome/blob/41cce6259709d450b3c6c310cedd9610f4f82a69/internal/dnsforward/dialcontext.go#L16 In your case, AGH failed to obtain IPv4 addresses but successfully obtained IPv6 addresses, then attempted to use them and failed.

[timkgh]

OK that explains it then. It should probably respect aaaa_disabled: true when set.