bitbeans / SimpleDnsCrypt

A simple management tool for dnscrypt-proxy
https://simplednscrypt.org
MIT License
2.31k stars 233 forks source link

DNSCrypt Service sometimes isn't starting #251

Open Dyras opened 6 years ago

Dyras commented 6 years ago

Greetings! Sometimes, like 1/10 startups, the DNSCrypt Service just won't start on its own. Don't know why, don't know how. All I know is that sometimes my connection just won't work until I manually start the service.

Write what you need and I'll supply you with whatever info you need.

d3bil0x commented 6 years ago

@gashtal I tested 0.5.6 x64 on Win10 1803 and the problem still occours.

Dyras commented 6 years ago

Same here on Windows 10 Pro N 1803. The service didn't start this morning :( 2018-06-25_11-49-03

licaon-kter commented 6 years ago

Seeing this too, latest version on W8:

Starting with cable plugged works ok as expected

abidohan commented 6 years ago

It was happened to me too. Start with @licaon-kter actions, I found that the service will start automatically and running smooth in condition; "the computer was connected either to wired network or WiFi before I logged in to Windows."

haiderim commented 6 years ago

I have the same issue and I see the following logs in event viewer

A timeout was reached (30000 milliseconds) while waiting for the dnscrypt-proxy service to connect. Or The dnscrypt-proxy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

What I did was add DHCP Client service as dependency for the DNSCrypt client proxy service using sc config: sc config dnscrypt-proxy depend= Dhcp

If this doesn't work I can just remove it by issuing: sc config dnscrypt-proxy depend= /

So far I've rebooted twice and everything seems to be working just fine. This was tested on Windows 10 x64 build 1803. Maybe others can test this and report back if it does indeed work for them or not?

Edit: After about 20+ reboots the service again failed to restart, had to manually start it. So I'm guessing this method doesn't work all the time.

glnzglnz commented 6 years ago

I am having this exact issue, on Win 7 Pro 64-bit. I did a workaround that seems to be working - see my post at https://github.com/bitbeans/SimpleDnsCrypt/issues/356 But I really hope this gets fixed because I'd like to recommend this to friends.

PhAlAnXcOiN commented 5 years ago

I'm having the same issue. Using Windows 10 64bit Enterprise Edition.

Upon restart probably 70% of the time I have to manually go in to simple dnscrypt and start dnscrypt service. I have tried a different fallback resolver other than the default, as the error log is stating issues with resolving raw.githubusercontent.com a copy of this is below:

2019-01-03 14:22:37.2119 ApplicationUpdater System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The remote name could not be resolved: 'raw.githubusercontent.com'
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
   --- End of inner exception stack trace ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Net.Http.HttpClient.<FinishSendAsyncUnbuffered>d__59.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Net.Http.HttpClient.<GetByteArrayAsyncCore>d__30.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
   at SimpleDnsCrypt.Helper.ApplicationUpdater.<DownloadRemoteUpdateFileAsync>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
   at SimpleDnsCrypt.Helper.ApplicationUpdater.<CheckForRemoteUpdateAsync>d__1.MoveNext()

I have also tried netprobe timeout = 0 as has been suggested and it doesn't help. I have the following error that shows up in event viewer:

image

image

I just noticed that my router is setup to: "Use internal DNS - Allow dnsmasq to be your DNS server on LAN" so I disabled that, maybe that was causing an issue upon startup. I'll see if this makes any difference.

Dyras commented 5 years ago

@bitbeans is there any work being made to fix this? I think Simple DNSCrypt is an amazing program and it used to be a must-have-install on my computer. Now it's pretty much useless because of this, since it's completely ruining an otherwise great program.

cs96and commented 5 years ago

Are you on the latest version? I have not had this problem since upgrading to the latest version.

glnzglnz commented 5 years ago

Dyras and cs96and -- I agree with Dyras - this is a great program but it needs to be 99.9% foolproof before I can recommend it to friends and family. I am on the latest version (Simple DNSCrypt 0.6.2 with dnscrypt-proxy 2.0.19) with Advanced Settings - Netprobe Timeout set to zero, and I think it's better, but occasionally - maybe one out of ten reboots - there is an issue and my PC does not connect to the internet. There is sometimes an odd Stop-Start-Stop with the dnscrypt service. (Win 7 Pro 64-bit, with Avast Free AV and numerous startup apps, but I have 16GB RAM.) I am still running my workaround that seems to help - see my post at #356.
But not yet at 99.9%. Thanks,

PhAlAnXcOiN commented 5 years ago

So for some reason just relying on "setting dnscrypt service to automatic" and crossing fingers isn't enough for this thing to start every time. I have now set the service to manual and configured a task for it to start upon log on of any user. Copy what i did by looking at the following screenshots. Hopefully this will finally solve the issue.

image image image image image image

The picture of how to configure the action doesn't show the whole story, be sure you paste in the following:

START "DNSCrypt client proxy"

under the add arguments field.

PhAlAnXcOiN commented 5 years ago

I can say that after performing the above described strategy- this is finally solved for me. Dnscrypt is now working freaking awesome and not once has it failed to start over at least 50 restarts.

Xalaxis commented 5 years ago

I believe this problem is caused by DNSCrypt proxy attempting to start before a network interface is available. I made the service dependant on network services being available and all problems seem resolved. The easiest way of doing this is sc.exe config dnscrypt-proxy depend=nsi from a command line. I've not had any problems since.

@PhAlAnXcOiN can you try this instead of your workaround? What you did with task scheduler definitely shouldn't be the main way of fixing this.

licaon-kter commented 5 years ago

@Xalaxis fails with

[SC] OpenSCManager FAILED 1722:
RPC server unavailable.

What am I missing?

Xalaxis commented 5 years ago

@licaon-kter Did you perhaps accidentally put a slash in the command? It looks like SC is attempting to connect to a remote machine. Did you run the command as administrator?

licaon-kter commented 5 years ago

@Xalaxis well, I've used \\localhostsname as the help says.

Else, without it, it would just show the help, as if the command is missing some param or I've made a typo.

As Admin, Win7 64bit.

Xalaxis commented 5 years ago

@licaon-kter That's strange, this works fine for me with no changes in both Powershell and command prompt.

PS C:\Windows\system32> sc.exe config dnscrypt-proxy depend=nsi
[SC] ChangeServiceConfig SUCCESS
PS C:\Windows\system32> cmd
Microsoft Windows [Version 10.0.17763.379]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\Windows\system32>sc.exe config dnscrypt-proxy depend=nsi
[SC] ChangeServiceConfig SUCCESS

Have you made sure you aren't using quotes around the commands? Have you modified the service control manager in any manner?

Xalaxis commented 5 years ago

Additional thought: Perhaps Windows modified the behavior of sc.exe in Windows 8/10+? (As I'm running Windows 10)

Xalaxis commented 5 years ago

I'm trying the following now (using the same dependencies as the official NSI service):


PS C:\Windows\system32> sc.exe config dnscrypt-proxy depend=rpcss/nsiproxy
[SC] ChangeServiceConfig SUCCESS
PS C:\Windows\system32> sc.exe qc dnscrypt-proxy
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: dnscrypt-proxy
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy\dnscrypt-proxy.exe"
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : DNSCrypt client proxy
        DEPENDENCIES       : rpcss
                           : nsiproxy
        SERVICE_START_NAME : LocalSystem```
Xalaxis commented 5 years ago

Whatever success I was getting before seems to have gone away now. The same problem has returned.

Xalaxis commented 5 years ago

(Running Simple DNSCrypt 0.6.4 (x64) [dnscrypt-proxy 2.0.22)

Okay, I seem to have finally resolved all my problems.

The service not starting was caused by the netprobe setting. By setting it to 0 as described by @PhAlAnXcOiN I seem to be getting 100% reliable starts now.

Windows thinking there is no network access was caused by a semi-rare quirk where some computers can't passively detect internet traffic properly. I resolved this issue by following the instructions described under "A Fix from Microsoft (Windows 10 Fall 2017 Creators Update)".

I'll report back if I start having issues again, but this seems to fix things for me.

@licaon-kter Have you tried the netprobe setting tweak already?

glnzglnz commented 5 years ago

On a reboot just now of Win 10 Pro 64-bit, dnscrypt-proxy did not start. On the next reboot, it did. Simple DNSCrypt 0.6.4 (x64) running dnscrypt-proxy 2.0.22. This is rare, but it happens. Unfortunately, when it does, my PC is cut off from the internet, and I can't get to it remotely to reboot it or manually start the service. My workaround is not running on the Win 10, only on my Win 7 (where I actually shut it off - will also keep an eye there). Oh, I wish this didn't happen - I really want to recommend it to friends and family.

glnzglnz commented 5 years ago

Update to my comment immediately above - with Simple DNSCrypt 0.6.4 pushing dnscrypt-proxy 2.0.22 and Netprobe Timeout set to 0, I haven't had a bad start in five days on both sides of my dual-booting 7 + 10 x64 machine. I think my issue directly above may have been something else. Fingers crossed.

jonschz commented 5 years ago

Hello, I am also affected by this problem and none of the suggestions here seem to help (except starting the service through scheduled tasks, which I have not tried yet). What I tried so far: 1) Added "-netprobe-timeout 0" to the service. 2) Made the service depend on rpcss and nsiproxy.

It most likely has to do with my internet connection being a bit dodgy and that my router sometimes only provides a connection after I logged in. However, the current behaviour is, in my opinion, far too dependent on a stable internet connection at startup.

Would it be possible to have the service not crash when there is no internet connection, but instead periodically poll for connections and resolving using the fallback DNS server until a connection can be made? As it is now, about 1/10 to 1/20 startups crashes.

Logfiles: log_crash1.txt log_crash2.txt

Xalaxis commented 5 years ago

Just updating on my experience. With the same two changes @psisquared2 made, I'm at about a 1/50 fail to start rate. They're right though, that's still too high to consider the issue fixed.

On Mon, 27 May 2019, 18:25 psisquared2, notifications@github.com wrote:

Hello, I am also affected by this problem and none of the suggestions here seem to help (except starting the service through scheduled tasks, which I have not tried yet). What I tried so far:

  1. Added "-netprobe-timeout 0" to the service.
  2. Made the service depend on rpcss and nsiproxy.

It most likely has to do with my internet connection being a bit dodgy and that my router sometimes only provides a connection after I logged in. However, the current behaviour is, in my opinion, far too dependent on a stable internet connection at startup.

Would it be possible to have the service not crash when there is no internet connection, but instead periodically poll for connections and resolving using the fallback DNS server until a connection can be made? As it is now, about 1/10 to 1/20 startups crashes.

Logfiles: log_crash1.txt https://github.com/bitbeans/SimpleDnsCrypt/files/3224603/log_crash1.txt log_crash2.txt https://github.com/bitbeans/SimpleDnsCrypt/files/3224604/log_crash2.txt

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bitbeans/SimpleDnsCrypt/issues/251?email_source=notifications&email_token=ADCWV3AFE4OHVZM6BASGHW3PXQKQTA5CNFSM4ETESCPKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWKH4HQ#issuecomment-496270878, or mute the thread https://github.com/notifications/unsubscribe-auth/ADCWV3G7CVRPPJLIZWUANJDPXQKQTANCNFSM4ETESCPA .

wrkerr commented 5 years ago

Not sure if it's the same or a different issue, but I can't get the DNSCrypt service to start at all. I get the following when I try to launch it in elevated PowerShell.

PS C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy> .\dnscrypt-proxy.exe [2019-10-18 13:14:53] [NOTICE] Network connectivity detected [2019-10-18 13:14:53] [NOTICE] Source [public-resolvers.md] loaded [2019-10-18 13:14:53] [NOTICE] dnscrypt-proxy 2.0.25 [2019-10-18 13:14:53] [FATAL] listen udp 127.0.0.1:53: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.

This is on Windows 10, with SimpleDNSCrypt 0.6.6 (dnscrypt-proxy 2.0.25).

Xalaxis commented 5 years ago

That sounds like you already have something using the DNS port on your machine.

On Fri, 18 Oct 2019, 18:22 wrkerr, notifications@github.com wrote:

Not sure if it's the same or a different issue, but I can't get the DNSCrypt service to start at all. I get the following when I try to launch it in elevated PowerShell.

PS C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy> .\dnscrypt-proxy.exe [2019-10-18 13:14:53] [NOTICE] Network connectivity detected [2019-10-18 13:14:53] [NOTICE] Source [public-resolvers.md] loaded [2019-10-18 13:14:53] [NOTICE] dnscrypt-proxy 2.0.25 [2019-10-18 13:14:53] [FATAL] listen udp 127.0.0.1:53: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.

This is on Windows 10, with SimpleDNSCrypt 0.6.6.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bitbeans/SimpleDnsCrypt/issues/251?email_source=notifications&email_token=ADCWV3CORZLZH23YOMCOLBTQPHWGHA5CNFSM4ETESCPKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBVHBGQ#issuecomment-543846554, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADCWV3D5ZIRZMAAMY36Q4V3QPHWGHANCNFSM4ETESCPA .

wrkerr commented 5 years ago

If I change the listen address to 127.0.0.1:5353 I can enable the service, but then it appears my system isn't using DNSCrypt at all. I must be missing something.

slyphnier commented 5 years ago

If I change the listen address to 127.0.0.1:5353 I can enable the service, but then it appears my system isn't using DNSCrypt at all. I must be missing something.

did u installed/have active "internet-security" software running ? some of those internet-security have secure connection, which then connecting/forwarding to their DNS for blocking malicious address so first check for internet-security / firewall software

Xalaxis commented 5 years ago

I'm pretty sure Windows will only use DNS running on the default port.

dimsdein commented 4 years ago

I also have random issues with dsncrypt service throug suspend/reactivate on laptop

Dyras commented 4 years ago

If anyone is interested in trying an alternative, you can always check out YogaDNS.

Here's how to set it up to use DNSCrypt with Quad9:

Option 1:

  1. Download and import this configuration. https://mega.nz/#!qApgWazb!uFdY3o3xnGWsgWjJs1KRwcX6lJGnZYGCJc4AUSgbJt8 (File -> Import configuration)
  2. File -> Autostart (To make sure it starts on Windows startup)

Congratulations, you are now using Anonymized DNSCrypt!

Option 2:

  1. File -> Autostart (To make sure it starts on Windows startup)
  2. Configuration -> DNS Servers -> Add
  3. Click sdns://
  4. Enter sdns://AQMAAAAAAAAADDkuOS45Ljk6ODQ0MyBnyEe4yHWM0SAkVUO-dWdG3zTfHYTAC4xHA2jfgh2GPhkyLmRuc2NyeXB0LWNlcnQucXVhZDkubmV0
  5. Give it a friendly name, preferably "Quad9"
  6. Click OK
  7. Click OK again
  8. Configuration -> Rules -> Add
  9. Enter this: Name: Quad9 Hostnames: * Action: Process DNS Server: Quad9 (Or whatever you entered at 5)
  10. Click OK
  11. Click OK again
  12. Go visit a website. Does it say something like: [01.02 01:31:04] amazon.com - process : server=Quad9 (DNSCrypt), rule=Quad9
  13. If it does, it works!