v055i,j: DNS gets stuck sometimes

[opk12]

Since a few versions, it sometimes happens that

• I pick up the phone
• I open a website or an app
• if I had already visited the website recently (e.g., the same morning or so) -> no problem
• else -> the app sees DNS failure (Couldn't resolve host), and the domain is not listed in the DNS logs and in the firewall logs
• I stop and restart Rethink from the button in the homepage
• everything works

Instead, disconnecting and reconnecting the WiFi / Mobile has no effect.

This happens on both WiFi and mobile.

I have quickly read #1358. I am opening a different issue, because - the Rethink GUI works - it is not a WiFi-only or mobile-only thing - it is not all-or-nothing (I can connect to domains that were already resolved recently).

I'm on 0.5.5i from F-droid, but this started a few releases ago (I think that 0.5.5a was OK).

[ignoramous]

We've fixed a few connectivity/dns related things in v055j, which has been submitted to F-Droid. Alternatively, you can grab it from here (for a fresh install): github and website.

[OrkoGrayskull]

Problem still exists with version 0.5.5j.

[ignoramous]

What DNS do you use? System DNS? What's the Fallback DNS in Configure -> Network set to?

If you're technical enough, can you turn on Verbose logging (Configure -> Settings -> Log level) and use adb logcat to see what's going when the device enters this state and refuses to resolve DNS entries (in fact, you say that the DNS entries don't even show up in the DNS Logs, which means, Rethink isn't even seeing DNS queries).

[OrkoGrayskull]

I use System DNS without Fallback. My local DNS works fine. There is no problem with other devices.

I switchted to Verbose logging. Sometimes you can see a question mark on DNS-Tab and the error is no response. But remember, there is no such problem on my other network devices.

Sometimes the DNS resolution works just fine, but nothing happens. It seems like the app (browser etc.) is not getting the information. The apps then just hang.

[ignoramous]

Can you see if switching to Auto in Configure -> Network -> Choose IP version fixes it?

If it doesn't then in addition to Auto, you can try toggling Use all available networks to ON, too.

We'll keep looking for clues as that part of the code is definitely complicated, esp Fallback DNS set to None + System DNS is a slightly fraught setup...

[OrkoGrayskull]

Can you see if switching to Auto in Configure -> Network -> Choose IP version fixes it?

I already use Auto.

If it doesn't then in addition to Auto, you can try toggling Use all available networks to ON, too.

Enabled it. No fix. Same behaviour.

[ignoramous]

You see "no response" and it never auto-recovers, correct?

1. Can you see what the resolver IP address is (it shown in the bottomsheet that comes up when you tap on DNS log entries; as resolved by system.<ip.addr>...) when you see "no response" entries in DNS logs
   • Check if that the resolver IP is different for entries when it works just fine (after you STOP / START rethink)?
2. What is mentioned in the footer of the bottomsheet (it should either way no error or show some error msg) for "no response" entries in DNS logs?

[opk12]

I use DoH Cloudflare, Fallback set to Cloudflare. I haven't checked Auto and Use all available networks yet as I don't know how to trigger reliably.

[OrkoGrayskull]

You see "no response" and it never auto-recovers, correct?

Yes, I see no response in green letters. And afterwards in the DNS tab two more log entries for the domain for which the DNS resolution then works. However, this information does not seem to arrive at the app (browser etc.) - because the requests run into a timeout there.

1. Can you see what the resolver IP address is (it shown in the bottomsheet that comes up when you tap on DNS log entries; as resolved by system....) when you see "no response" entries in DNS logs Check if that the resolver IP is different for entries when it works just fine (after you STOP / START rethink)?

The IP address is as follows for calls that do not work:

system.[fd00::a41...]:53

For successful DNS resolutions then:

alg.system.[fd00::a41...]:53

2. What is mentioned in the footer of the bottomsheet (it should either way no error or show some error msg) for "no response" entries in DNS logs?

It says: no error

[ignoramous]

Thanks.

Yes, I see no response in green letters. And afterwards in the DNS tab two more log entries for the domain for which the DNS resolution then works ... It says: no error

Hmmm, we might possibly be looking at a non-symptom here: For "no response", it is likely the Query type (shown in the top left-hand corner of the bottomsheet) is different. For example, twitter.com doesn't have IPv6 (query type), and so, a "no response" for it is expected.

In this case (as examining just the DNS Logs aren't helping), I think we need Verbose logs (Configure -> Settings -> Log level) to see what's going on.

You will need to capture the Verbose logs (exactly from at the time the issue happens) via adb logcat.

use DoH Cloudflare, Fallback set to Cloudflare

With this setup, you don't see issues (as before with System DNS on both mobile and wifi)?

[opk12]

We are 2 people. :) I see issues with Cloudflare and have never used the System DNS. OrkoGrayskull sees issues with System DNS and is not using Cloudflare. So the System DNS mentioned in the issue title might not be responsible after all.

[PikaGamer8]

I have a similar problem again. Thanks for fixing the app crashing by the way. It started happening in the last update and every time in the newest one. This is what I get.

[ignoramous]

Thanks for fixing the app crashing by the way. It started happening in the last update and every time in the newest one.

Why thank you for the logs.

Seems like NextDNS (the DoH provider in-use) is refusing to answer over the WireGuard proxy for an extended period (10s or more) and the app (Rethink) enter a "hangover" state (which disables DNS Booster and other such optimizations, but nothing too drastic).

As a workaround, you can consider turning ON Never proxy DNS in Configure -> DNS and see if things improve? Or, contact NextDNS and get your WireGuard provider's IPs allowlisted.

[OrkoGrayskull]

Version v0.5.5l fixed it for me!

[turbamulta]

I don't know what has happened but until 0.5.5.i everything was working great. Now, it's impossible to use it.

I was using ODoH with Clouflare and the main thing I see is that before 90% of my DNS requests were cached, now barely any is (like the booster is broken), and all of them take a really long time to resolve. Wireguard or no wireguard, switching providers, switching DNS methods, doesn't matter.

Hopefully F-Droid doesn't take too long to release the new versions.

[ignoramous]

Hopefully F-Droid doesn't take too long to release the new versions.

It can take anywhere between a week to a month for F-Droid to pick up a version (we've released 4 versions just this month).

The reason we're hitting these bugs is a lot has changed after integrating WireGuard and the failure modes are just too many (for instance, we ourselves see very few of the issues users report and yet these bugs are right there).

If you're technical enough, you can put Rethink's Log level in Very Verbose mode (in Configure -> Settings), and observe adb logcat output to see if there are any clues in there (or even share the output with us).

[opk12]

0.5.5L fixed it for me as well. Thank you!