binhex / arch-delugevpn

Docker build script for Arch Linux base with Deluge, Privoxy and OpenVPN
GNU General Public License v3.0

dns inaccessible #41

Closed jameseck closed 6 years ago

jameseck commented 6 years ago

I'm having problems trying to run this as an OpenShift pod. I've previously had it working with no problems at all, but one of the recent commits seems to have broken it for me.

Commit 0212220314ba5fdf161f19f60429c96429d2c8e8 removed the iptables rules that allow ingress/egress DNS traffic, which causes the initial DNS lookup for the VPN endpoint (x.privateinternetaccess.com) to fail.

It's possible and likely that I'm missing something here so I'd appreciate any advice.

binhex commented 6 years ago

That commit is to prevent IP leakage via DNS lookup. It will allow the initial lookup of the endpoint, and after that all DNS resolution is only done over the VPN tunnel, with no DNS lookup locally or externally.

sabrsorensen commented 6 years ago

I'm experiencing this as well, I'm unable to resolve any hosts once the VPN has connected, and Deluge is unable to announce to any trackers because the hostname won't resolve.

binhex commented 6 years ago

Check your value for NAME_SERVERS. You cannot use your ISP's DNS, as this will be blocked as soon as the tunnel is established. You also cannot point it at your own name servers on your LAN, as this is also blocked, so go with the defaults and you should be good.

sabrsorensen commented 6 years ago

I've tried using 9.9.9.9, 8.8.8.8, and 8.8.4.4, and also not specifying NAME_SERVERS, and I still see:

2017-12-06 07:50:58,588 DEBG 'start-script' stdout output: [debug] Failed to get external IP using Name Server 'ns1.google.com', trying 'resolver1.opendns.com'...

2017-12-06 07:50:58,606 DEBG 'start-script' stdout output: [debug] Cannot determine external IP address, retrying...

2017-12-06 07:50:59,608 DEBG 'start-script' stdout output: [debug] Attempting to get external IP using Name Server 'ns1.google.com'...

2017-12-06 07:50:59,623 DEBG 'start-script' stdout output: [debug] Failed to get external IP using Name Server 'ns1.google.com', trying 'resolver1.opendns.com'...

2017-12-06 07:50:59,644 DEBG 'start-script' stdout output: [debug] Cannot determine external IP address, retrying...

2017-12-06 07:51:00,150 DEBG 'deluge-script' stdout output: [debug] Waiting for valid IP address from tunnel...

and Deluge is also unable to announce to the trackers:

Error: Host not found (authoritative)

binhex commented 6 years ago

Hmm, OK, that is odd. For me to diagnose this any further I'm going to have to get you to post your supervisord.log file. Can you please do the following:

https://forums.lime-technology.com/topic/44108-support-binhex-general/?do=findComment&comment=435831

binhex commented 6 years ago

One other thing you can try is to issue the following command on your host. I'm thinking your ISP may be preventing DNS lookups from anything other than its own name servers:

nslookup google.com 8.8.8.8

Please post the result of the above command.

Toetje585 commented 6 years ago

I'm facing the same problem on Ubuntu 16.04.03:

2017-12-31 22:12:27,927 DEBG 'start-script' stdout output: [debug] Failed to get external IP using Name Server 'ns1.google.com', trying 'resolver1.opendns.com'...

log.txt

Tried all kinds of DNS servers, DNS is not working!

Update #1: ISP is not blocking request for sure.

Update #2:

docker exec -i -t delugevpn /bin/bash

[root@c29322fc5387 /]# nslookup google.com
Server: 209.222.18.222
Address: 209.222.18.222#53

Non-authoritative answer:
Name: google.com
Address: 172.217.13.142
Name: google.com
Address: 2607:f8b0:4020:805::200e

Deluge: Error: Host not found (authoritative)

Update #3: Even without a VPN, DNS is not working for Deluge.

Just to be sure, I added a few more trackers; it happens to all of them.

Any clue?

Best Regards,

sabrsorensen commented 6 years ago

I came back to this image a couple of days ago, and haven't been able to reproduce my original DNS issue. I'm using a custom VPN provider via the config files from VPNArea. Is it possible there was an issue on the provider's side causing the DNS failures?

binhex commented 6 years ago

Yes, that's a possibility.