Control-D-Inc / ctrld

A highly configurable, multi-protocol DNS forwarding proxy
MIT License

Bugs in v1.3.5? #142

Closed ajp2k13 closed 5 months ago

ajp2k13 commented 6 months ago

Upgraded ctrld running on Asuswrt Merlin and everything stopped working, had to replace upstream ’doh3’ with ’doh’ to get it working again.

Also, why is the client list complete in ctrld but only a few visible on the dashboard? Maybe I’m doing something wrong when adding devices…

cuonglm commented 6 months ago

Hi @ajp2k13,

Thanks for reporting.

Does the problem still occur now, or did it happen only once?

Could you please follow the troubleshooting guide when the problem happens: https://github.com/Control-D-Inc/ctrld/wiki/Troubleshooting-Guide

ajp2k13 commented 6 months ago

Hi @cuonglm,

It happens every time I try to use doh3 as the protocol for an upstream. No dns resolution at all until I change it back to doh and restart ctrld.

I’ll try the troubleshooting guide, thanks.

ajp2k13 commented 6 months ago

Hmm, now it wouldn’t even start when using doh3 in the config… actually, this is what I got first when upgrading as well. Then I just started fresh and managed to get it running again, probably just used doh when I started fresh…

Mar 7 17:48:47.000 NTC Reading config: /jffs/controld/ctrld.toml
Mar 7 17:48:47.885 NTC Starting service
Mar 7 17:49:23.781 ??? ================================
Mar 7 17:49:23.781 ??? An error occurred while performing test query: no answer from ctrld listener
Mar 7 17:49:23.781 ??? ================================
Mar 7 17:49:23.781 ??? ctrld service was running, but a DNS query could not be sent to its listener
Mar 7 17:49:23.781 ??? Please check your system firewall if it is configured to block/intercept/redirect DNS queries
Mar 7 17:49:23.781 ??? ================================
Mar 7 17:49:25.892 NTC Service uninstalled

cuonglm commented 6 months ago

@ajp2k13 Could you please try running ctrld interactively, using your config file (with doh3 set):

ctrld run --config=/jffs/controld/ctrld.toml -vv

Then send a query directly to ctrld's listener and see if it works?

ajp2k13 commented 6 months ago

No it doesn’t work. Here’s some of the output:

Mar 7 18:20:34.163 DBG [f9f921] sending request header: map[X-Cd-Host:[RT-AX86U] X-Cd-Ip:[192.168.50.1] X-Cd-Mac:[24:4b:fe:32:28:a8] X-Cd-Os:[3-3-]]
Mar 7 18:20:34.165 ERR [862231] failed to resolve query error="could not perform request: Get \"https://dns.controld.com/redacted?dns=EnYBAAABAAAAAAAABnZlcmlmeQhjb250cm9sZANjb20AABwAAQ\": INTERNAL_ERROR (local): write udp [::]:47370->76.76.2.22:443: sendmsg: invalid argument"
Mar 7 18:20:34.165 ERR [862231] all [upstream.0] endpoints failed
Mar 7 18:20:34.165 DBG [862231] received response of 37 bytes in 6.751103ms
Mar 7 18:20:34.165 ERR [f9f921] failed to resolve query error="could not perform request: Get \"https://dns.controld.com/redacted?dns=C3YBAAABAAAAAAAABnZlcmlmeQhjb250cm9sZANjb20AAAEAAQ\": INTERNAL_ERROR (local): write udp [::]:47370->76.76.2.22:443: sendmsg: invalid argument"
Mar 7 18:20:34.165 ERR [f9f921] all [upstream.0] endpoints failed
Mar 7 18:20:34.165 DBG [f9f921] received response of 37 bytes in 3.562283ms

cuonglm commented 6 months ago

> No it doesn’t work. Here’s some of the output:
>
> Mar 7 18:20:34.163 DBG [f9f921] sending request header: map[X-Cd-Host:[RT-AX86U] X-Cd-Ip:[192.168.50.1] X-Cd-Mac:[24:4b:fe:32:28:a8] X-Cd-Os:[3-3-]]
> Mar 7 18:20:34.165 ERR [862231] failed to resolve query error="could not perform request: Get \"https://dns.controld.com/redacted?dns=EnYBAAABAAAAAAAABnZlcmlmeQhjb250cm9sZANjb20AABwAAQ\": INTERNAL_ERROR (local): write udp [::]:47370->76.76.2.22:443: sendmsg: invalid argument"
> Mar 7 18:20:34.165 ERR [862231] all [upstream.0] endpoints failed
> Mar 7 18:20:34.165 DBG [862231] received response of 37 bytes in 6.751103ms
> Mar 7 18:20:34.165 ERR [f9f921] failed to resolve query error="could not perform request: Get \"https://dns.controld.com/redacted?dns=C3YBAAABAAAAAAAABnZlcmlmeQhjb250cm9sZANjb20AAAEAAQ\": INTERNAL_ERROR (local): write udp [::]:47370->76.76.2.22:443: sendmsg: invalid argument"
> Mar 7 18:20:34.165 ERR [f9f921] all [upstream.0] endpoints failed
> Mar 7 18:20:34.165 DBG [f9f921] received response of 37 bytes in 3.562283ms

It seems to me your firewall is blocking UDP, which is required for DoH3. This log confirms what ctrld said in the output:

Mar 7 17:49:23.781 ??? ctrld service was running, but a DNS query could not be sent to its listener
Mar 7 17:49:23.781 ??? Please check your system firewall if it is configured to block/intercept/redirect DNS queries

ajp2k13 commented 6 months ago

It worked fine using v1.3.4? New Merlin FW with new dnsmasq since then though. I’ll turn off dns director and check, didn’t make a difference before.

cuonglm commented 6 months ago

> It worked fine using v1.3.4? New Merlin FW with new dnsmasq since then though. I’ll turn off dns director and check, didn’t make a difference before.

Oh, so it could be a problem with the QUIC support in the Go standard library, which is used instead of quic-go.

I will investigate further (doh3 still works well on my local Linux machine).

ajp2k13 commented 6 months ago

Thanks! Turning off dns director in Merlin fw didn’t help.

ajp2k13 commented 6 months ago

I can confirm downloading v1.3.4 manually and running it with doh3 works. Also, the arm64 version works with my Asus AX86U even though the installer normally picks the armv5 version.

cuonglm commented 6 months ago

@ajp2k13 So it's a quic-go problem: https://github.com/quic-go/quic-go/issues/3911#issuecomment-1805938265

TLDR: adding QUIC_GO_DISABLE_ECN=true to your environment variables makes things work again.
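
Added example (not part of the thread and not ctrld project code): a small triage script for `ctrld run -vv` output that separates the local `sendmsg: invalid argument` failure seen in this issue, which the thread works around with QUIC_GO_DISABLE_ECN=true, from a timeout. The sample log, its request IDs, addresses, URL and the timeout entry are constructed for the example, and the category names are assumptions.

```python
import re

# Constructed sample in the log format quoted in this thread; the request IDs,
# host names, addresses and the timeout entry are made up for the example.
SAMPLE_LOG = r'''
Mar 7 18:20:34.163 DBG [aaaaaa] sending request header: map[X-Cd-Host:[router]]
Mar 7 18:20:34.165 ERR [aaaaaa] failed to resolve query error="could not perform request: Get \"https://dns.example/x\": INTERNAL_ERROR (local): write udp [::]:47370->192.0.2.10:443: sendmsg: invalid argument"
Mar 7 18:20:34.165 ERR [aaaaaa] all [upstream.0] endpoints failed
Mar 7 18:20:40.001 ERR [bbbbbb] failed to resolve query error="could not perform request: Get \"https://dns.example/x\": timeout: no recent network activity"
Mar 7 18:20:40.002 ERR [bbbbbb] all [upstream.0] endpoints failed
Mar 7 18:20:41.000 ??? ================================
'''

# "<Mon> <day> <time> <LEVEL> [<request id>] <message>"
LINE = re.compile(r"^\w{3} +\d+ [\d:.]+ (?P<lvl>\S+) \[(?P<rid>[0-9a-f]+)\] (?P<msg>.*)$")
# Local send failure: the kernel rejected sendmsg(2), so no packet left the host.
SEND_EINVAL = re.compile(r"write udp \S+->(?P<dst>[^ ]+): sendmsg: invalid argument")
ALL_FAILED = re.compile(r"all \[(?P<up>upstream\.\d+)\] endpoints failed")


def triage(log_text):
    """Return {request_id: {"cause", "dst", "upstream"}} for failed queries."""
    out = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m or m["lvl"] != "ERR":
            continue  # banner lines ("???") and debug lines carry no failure
        rec = out.setdefault(m["rid"], {"cause": "other", "dst": None, "upstream": None})
        if (e := SEND_EINVAL.search(m["msg"])):
            rec["cause"], rec["dst"] = "local-sendmsg-einval", e["dst"]
        elif "timeout" in m["msg"]:
            rec["cause"] = "timeout"
        if (a := ALL_FAILED.search(m["msg"])):
            rec["upstream"] = a["up"]
    return out


def ecn_workaround_applies(report):
    """True when any query failed the way this thread's DoH3 failure did."""
    return any(r["cause"] == "local-sendmsg-einval" for r in report.values())


if __name__ == "__main__":
    for rid, rec in triage(SAMPLE_LOG).items():
        print(rid, rec)
```

A `local-sendmsg-einval` result means the send was rejected on the host itself, so the upstream never saw the packet; a `timeout` result points at the network path instead.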

ajp2k13 commented 6 months ago

Thanks, I will try this later if I can figure out how to make it permanent on Asuswrt Merlin…

ajp2k13 commented 6 months ago

Looks like it’s working with the environment variable set, just hope I did it right so it survives a reboot. ☺️

cillin89 commented 6 months ago

Same issue on USG.

yegors commented 5 months ago

Should be resolved in https://github.com/Control-D-Inc/ctrld/releases/tag/v1.3.6