UDM Pro and iOS / apple issue

[justinbadal]

See this post on Reddit:

Post on reddit

I have everything set up as normal and instructed per the config pages, but even with an entirely blank filter / block situation, I still get the lack of internet connection warning.

[justinbadal]

Forgot to add, I noticed on my Windows 11 box that is connected to the UDM Pro network there was a report of no internet in network status. So it seems the issue is not isolated to apple devices only.

[cuonglm]

@justinbadal To clarify, devices report no internet connection, but you still visit websites. Is that right?

[justinbadal]

@cuonglm that is correct.

[yegors]

@justinbadal We need to have a look at your account, please email help@controld.com and reference this thread.

[justinbadal]

@yegors thanks. I emailed the address.

[vudam991]

I have the same issue but with Asus Merlin router, seemed like only on iPhones

[yegors]

We reproduced the issue. Investigating.

[yegors]

Cause found: When Apple device joins a network, it queries for captive.apple.com. This domain bypasses the DOH configuration, and uses a native OS resolver (this is needed to make captive portals work). On a UDM/UDR, this request fails to resolve while ctrld is running, which causes the "No network connection" message.

We will fix this.

[justinbadal]

Whoa! Thank you guys so much for working on this!

[nosuntoday]

New user: In the auto generated config of ctrld on my UDM I see the line

'captive.apple.com' = []},

Nevertheless I still have the problem described here. So if it has been fixed it does not work on my side.

[cuonglm]

New user: In the auto generated config of ctrld on my UDM I see the line

'captive.apple.com' = []},

Nevertheless I still have the problem described here. So if it has been fixed it does not work on my side.

This will only be fixed in next release of ctrld.

[yegors]

This is resolved in the latest release: https://github.com/Control-D-Inc/ctrld/releases/tag/v1.3.0

[mattmill98]

Unfortunately I'm still seeing this issue while running 1.3.0. iOS thinks there is no network when connected to my UDM-Pro running ctrld 1.3.0.

[yegors]

Are you sure you're running v1.3.0 with default configuration? We had multiple people confirm this is resolved, including ourselves.

[mattmill98]

Yep v1.3.0 and no config changes. Just re-pulled the binary and will see how it is over the next few days.

[cuonglm]

Yep v1.3.0 and no config changes. Just re-pulled the binary and will see how it is over the next few days.

Do you use --cd flag or local config?

[mattmill98]

I just run sh -c 'sh -c "$(curl -sL https://api.controld.com/dl)" -s RESOLVER_ID_HERE' and that's it.

[yegors]

Can you SSH into your UDM and run: nslookup captive.apple.com

What's the output?

[mattmill98]

Sure,

[cuonglm]

Sure,

Could you show the content of ctrld.toml?

[mattmill98]

Here it is:

[cuonglm]

@mattmill98 After you uninstall ctrld, what's the output of nslookup captive.apple.com?

[mattmill98]

Here:

[cuonglm]

Did you have any special config for dnsmasq? What's the DNS server that you use when ctrld uninstalled?

What's the content of /etc/resolv.conf (after uninstall ctrld)?

[mattmill98]

Did you have any special config for dnsmasq? - Not that I'm aware of never altered anything apart from DNS server IP within the UniFi controller which I removed when I installed ctrld. What's the DNS server that you use when ctrld uninstalled? - UDM's default, Cloudflare.

[yegors]

Please try a dev build using this install command:

sh -c 'sh -c "$(curl -sSL https://api.controld.dev/dl)"'

Let us know if this resolved the issue.

[mattmill98]

This dev build appears to fix it as I can now nslookup captive.apple.com. Will let you know if I see any issues on my apple devices over the next few days.

[jglemza]

I was having this same issue with my Firewalla. The dev build appears to fix it.