DNSCrypt Service sometimes isn't starting

[Dyras]

Greetings! Sometimes, like 1/10 startups, the DNSCrypt Service just won't start on its own. Don't know why, don't know how. All I know is that sometimes my connection just won't work until I manually start the service.

Write what you need and I'll supply you with whatever info you need.

[d3bil0x]

@gashtal I tested 0.5.6 x64 on Win10 1803 and the problem still occours.

[Dyras]

Same here on Windows 10 Pro N 1803. The service didn't start this morning :(

[licaon-kter]

Seeing this too, latest version on W8:

• start Windows w/ cable unplugged (so no internet)
• connect cable after a while
• can't resolve anything
• open the app...see that the service is stopped
• start the service
• everything is ok

Starting with cable plugged works ok as expected

[abidohan]

It was happened to me too. Start with @licaon-kter actions, I found that the service will start automatically and running smooth in condition; "the computer was connected either to wired network or WiFi before I logged in to Windows."

[haiderim]

I have the same issue and I see the following logs in event viewer

A timeout was reached (30000 milliseconds) while waiting for the dnscrypt-proxy service to connect. Or The dnscrypt-proxy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

What I did was add DHCP Client service as dependency for the DNSCrypt client proxy service using sc config: sc config dnscrypt-proxy depend= Dhcp

If this doesn't work I can just remove it by issuing: sc config dnscrypt-proxy depend= /

So far I've rebooted twice and everything seems to be working just fine. This was tested on Windows 10 x64 build 1803. Maybe others can test this and report back if it does indeed work for them or not?

Edit: After about 20+ reboots the service again failed to restart, had to manually start it. So I'm guessing this method doesn't work all the time.

[glnzglnz]

I am having this exact issue, on Win 7 Pro 64-bit. I did a workaround that seems to be working - see my post at https://github.com/bitbeans/SimpleDnsCrypt/issues/356 But I really hope this gets fixed because I'd like to recommend this to friends.

[PhAlAnXcOiN]

I'm having the same issue. Using Windows 10 64bit Enterprise Edition.

Upon restart probably 70% of the time I have to manually go in to simple dnscrypt and start dnscrypt service. I have tried a different fallback resolver other than the default, as the error log is stating issues with resolving raw.githubusercontent.com a copy of this is below:

2019-01-03 14:22:37.2119 ApplicationUpdater System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The remote name could not be resolved: 'raw.githubusercontent.com'
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
   --- End of inner exception stack trace ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Net.Http.HttpClient.<FinishSendAsyncUnbuffered>d__59.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Net.Http.HttpClient.<GetByteArrayAsyncCore>d__30.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
   at SimpleDnsCrypt.Helper.ApplicationUpdater.<DownloadRemoteUpdateFileAsync>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
   at SimpleDnsCrypt.Helper.ApplicationUpdater.<CheckForRemoteUpdateAsync>d__1.MoveNext()

I have also tried netprobe timeout = 0 as has been suggested and it doesn't help. I have the following error that shows up in event viewer:

I just noticed that my router is setup to: "Use internal DNS - Allow dnsmasq to be your DNS server on LAN" so I disabled that, maybe that was causing an issue upon startup. I'll see if this makes any difference.

[Dyras]

@bitbeans is there any work being made to fix this? I think Simple DNSCrypt is an amazing program and it used to be a must-have-install on my computer. Now it's pretty much useless because of this, since it's completely ruining an otherwise great program.

[cs96and]

Are you on the latest version? I have not had this problem since upgrading to the latest version.

[glnzglnz]

Dyras and cs96and -- I agree with Dyras - this is a great program but it needs to be 99.9% foolproof before I can recommend it to friends and family. I am on the latest version (Simple DNSCrypt 0.6.2 with dnscrypt-proxy 2.0.19) with Advanced Settings - Netprobe Timeout set to zero, and I think it's better, but occasionally - maybe one out of ten reboots - there is an issue and my PC does not connect to the internet. There is sometimes an odd Stop-Start-Stop with the dnscrypt service. (Win 7 Pro 64-bit, with Avast Free AV and numerous startup apps, but I have 16GB RAM.) I am still running my workaround that seems to help - see my post at #356.
But not yet at 99.9%. Thanks,

[PhAlAnXcOiN]

So for some reason just relying on "setting dnscrypt service to automatic" and crossing fingers isn't enough for this thing to start every time. I have now set the service to manual and configured a task for it to start upon log on of any user. Copy what i did by looking at the following screenshots. Hopefully this will finally solve the issue.

The picture of how to configure the action doesn't show the whole story, be sure you paste in the following:

START "DNSCrypt client proxy"

under the add arguments field.

[PhAlAnXcOiN]

I can say that after performing the above described strategy- this is finally solved for me. Dnscrypt is now working freaking awesome and not once has it failed to start over at least 50 restarts.

[Xalaxis]

I believe this problem is caused by DNSCrypt proxy attempting to start before a network interface is available. I made the service dependant on network services being available and all problems seem resolved. The easiest way of doing this is sc.exe config dnscrypt-proxy depend=nsi from a command line. I've not had any problems since.

@PhAlAnXcOiN can you try this instead of your workaround? What you did with task scheduler definitely shouldn't be the main way of fixing this.

[licaon-kter]

@Xalaxis fails with

[SC] OpenSCManager FAILED 1722:
RPC server unavailable.

What am I missing?

[Xalaxis]

@licaon-kter Did you perhaps accidentally put a slash in the command? It looks like SC is attempting to connect to a remote machine. Did you run the command as administrator?

[licaon-kter]

@Xalaxis well, I've used \\localhostsname as the help says.

Else, without it, it would just show the help, as if the command is missing some param or I've made a typo.

As Admin, Win7 64bit.

[Xalaxis]

@licaon-kter That's strange, this works fine for me with no changes in both Powershell and command prompt.

PS C:\Windows\system32> sc.exe config dnscrypt-proxy depend=nsi
[SC] ChangeServiceConfig SUCCESS
PS C:\Windows\system32> cmd
Microsoft Windows [Version 10.0.17763.379]
(c) 2018 Microsoft Corporation. All rights reserved.

C:\Windows\system32>sc.exe config dnscrypt-proxy depend=nsi
[SC] ChangeServiceConfig SUCCESS

Have you made sure you aren't using quotes around the commands? Have you modified the service control manager in any manner?

[Xalaxis]

Additional thought: Perhaps Windows modified the behavior of sc.exe in Windows 8/10+? (As I'm running Windows 10)

[Xalaxis]

I'm trying the following now (using the same dependencies as the official NSI service):

PS C:\Windows\system32> sc.exe config dnscrypt-proxy depend=rpcss/nsiproxy
[SC] ChangeServiceConfig SUCCESS
PS C:\Windows\system32> sc.exe qc dnscrypt-proxy
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: dnscrypt-proxy
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy\dnscrypt-proxy.exe"
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : DNSCrypt client proxy
        DEPENDENCIES       : rpcss
                           : nsiproxy
        SERVICE_START_NAME : LocalSystem```

[Xalaxis]

Whatever success I was getting before seems to have gone away now. The same problem has returned.

[Xalaxis]

(Running Simple DNSCrypt 0.6.4 (x64) [dnscrypt-proxy 2.0.22)

Okay, I seem to have finally resolved all my problems.

The service not starting was caused by the netprobe setting. By setting it to 0 as described by @PhAlAnXcOiN I seem to be getting 100% reliable starts now.

Windows thinking there is no network access was caused by a semi-rare quirk where some computers can't passively detect internet traffic properly. I resolved this issue by following the instructions described under "A Fix from Microsoft (Windows 10 Fall 2017 Creators Update)".

I'll report back if I start having issues again, but this seems to fix things for me.

@licaon-kter Have you tried the netprobe setting tweak already?

[glnzglnz]

On a reboot just now of Win 10 Pro 64-bit, dnscrypt-proxy did not start. On the next reboot, it did. Simple DNSCrypt 0.6.4 (x64) running dnscrypt-proxy 2.0.22. This is rare, but it happens. Unfortunately, when it does, my PC is cut off from the internet, and I can't get to it remotely to reboot it or manually start the service. My workaround is not running on the Win 10, only on my Win 7 (where I actually shut it off - will also keep an eye there). Oh, I wish this didn't happen - I really want to recommend it to friends and family.

[glnzglnz]

Update to my comment immediately above - with Simple DNSCrypt 0.6.4 pushing dnscrypt-proxy 2.0.22 and Netprobe Timeout set to 0, I haven't had a bad start in five days on both sides of my dual-booting 7 + 10 x64 machine. I think my issue directly above may have been something else. Fingers crossed.

[jonschz]

Hello, I am also affected by this problem and none of the suggestions here seem to help (except starting the service through scheduled tasks, which I have not tried yet). What I tried so far: 1) Added "-netprobe-timeout 0" to the service. 2) Made the service depend on rpcss and nsiproxy.

It most likely has to do with my internet connection being a bit dodgy and that my router sometimes only provides a connection after I logged in. However, the current behaviour is, in my opinion, far too dependent on a stable internet connection at startup.

Would it be possible to have the service not crash when there is no internet connection, but instead periodically poll for connections and resolving using the fallback DNS server until a connection can be made? As it is now, about 1/10 to 1/20 startups crashes.

Logfiles: log_crash1.txt log_crash2.txt

[Xalaxis]

Just updating on my experience. With the same two changes @psisquared2 made, I'm at about a 1/50 fail to start rate. They're right though, that's still too high to consider the issue fixed.

On Mon, 27 May 2019, 18:25 psisquared2, notifications@github.com wrote:

Hello, I am also affected by this problem and none of the suggestions here seem to help (except starting the service through scheduled tasks, which I have not tried yet). What I tried so far:

1. Added "-netprobe-timeout 0" to the service.
2. Made the service depend on rpcss and nsiproxy.

It most likely has to do with my internet connection being a bit dodgy and that my router sometimes only provides a connection after I logged in. However, the current behaviour is, in my opinion, far too dependent on a stable internet connection at startup.

Would it be possible to have the service not crash when there is no internet connection, but instead periodically poll for connections and resolving using the fallback DNS server until a connection can be made? As it is now, about 1/10 to 1/20 startups crashes.

Logfiles: log_crash1.txt https://github.com/bitbeans/SimpleDnsCrypt/files/3224603/log_crash1.txt log_crash2.txt https://github.com/bitbeans/SimpleDnsCrypt/files/3224604/log_crash2.txt

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bitbeans/SimpleDnsCrypt/issues/251?email_source=notifications&email_token=ADCWV3AFE4OHVZM6BASGHW3PXQKQTA5CNFSM4ETESCPKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWKH4HQ#issuecomment-496270878, or mute the thread https://github.com/notifications/unsubscribe-auth/ADCWV3G7CVRPPJLIZWUANJDPXQKQTANCNFSM4ETESCPA .

[wrkerr]

Not sure if it's the same or a different issue, but I can't get the DNSCrypt service to start at all. I get the following when I try to launch it in elevated PowerShell.

PS C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy> .\dnscrypt-proxy.exe [2019-10-18 13:14:53] [NOTICE] Network connectivity detected [2019-10-18 13:14:53] [NOTICE] Source [public-resolvers.md] loaded [2019-10-18 13:14:53] [NOTICE] dnscrypt-proxy 2.0.25 [2019-10-18 13:14:53] [FATAL] listen udp 127.0.0.1:53: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.

This is on Windows 10, with SimpleDNSCrypt 0.6.6 (dnscrypt-proxy 2.0.25).

[Xalaxis]

That sounds like you already have something using the DNS port on your machine.

On Fri, 18 Oct 2019, 18:22 wrkerr, notifications@github.com wrote:

Not sure if it's the same or a different issue, but I can't get the DNSCrypt service to start at all. I get the following when I try to launch it in elevated PowerShell.

PS C:\Program Files\bitbeans\Simple DNSCrypt x64\dnscrypt-proxy> .\dnscrypt-proxy.exe [2019-10-18 13:14:53] [NOTICE] Network connectivity detected [2019-10-18 13:14:53] [NOTICE] Source [public-resolvers.md] loaded [2019-10-18 13:14:53] [NOTICE] dnscrypt-proxy 2.0.25 [2019-10-18 13:14:53] [FATAL] listen udp 127.0.0.1:53: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.

This is on Windows 10, with SimpleDNSCrypt 0.6.6.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bitbeans/SimpleDnsCrypt/issues/251?email_source=notifications&email_token=ADCWV3CORZLZH23YOMCOLBTQPHWGHA5CNFSM4ETESCPKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBVHBGQ#issuecomment-543846554, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADCWV3D5ZIRZMAAMY36Q4V3QPHWGHANCNFSM4ETESCPA .

[wrkerr]

If I change the listen address to 127.0.0.1:5353 I can enable the service, but then it appears my system isn't using DNSCrypt at all. I must be missing something.

[slyphnier]

If I change the listen address to 127.0.0.1:5353 I can enable the service, but then it appears my system isn't using DNSCrypt at all. I must be missing something.

did u installed/have active "internet-security" software running ? some of those internet-security have secure connection, which then connecting/forwarding to their DNS for blocking malicious address so first check for internet-security / firewall software

[Xalaxis]

I'm pretty sure Windows will only use DNS running on the default port.

[dimsdein]

I also have random issues with dsncrypt service throug suspend/reactivate on laptop

[Dyras]

If anyone is interested in trying an alternative, you can always check out YogaDNS.

Here's how to set it up to use DNSCrypt with Quad9:

Option 1:

1. Download and import this configuration. https://mega.nz/#!qApgWazb!uFdY3o3xnGWsgWjJs1KRwcX6lJGnZYGCJc4AUSgbJt8 (File -> Import configuration)
2. File -> Autostart (To make sure it starts on Windows startup)

Congratulations, you are now using Anonymized DNSCrypt!

Option 2:

1. File -> Autostart (To make sure it starts on Windows startup)
2. Configuration -> DNS Servers -> Add
3. Click sdns://
4. Enter sdns://AQMAAAAAAAAADDkuOS45Ljk6ODQ0MyBnyEe4yHWM0SAkVUO-dWdG3zTfHYTAC4xHA2jfgh2GPhkyLmRuc2NyeXB0LWNlcnQucXVhZDkubmV0
5. Give it a friendly name, preferably "Quad9"
6. Click OK
7. Click OK again
8. Configuration -> Rules -> Add
9. Enter this: Name: Quad9 Hostnames: * Action: Process DNS Server: Quad9 (Or whatever you entered at 5)
10. Click OK
11. Click OK again
12. Go visit a website. Does it say something like: [01.02 01:31:04] amazon.com - process : server=Quad9 (DNSCrypt), rule=Quad9
13. If it does, it works!