ios app private dns not work

[rookie-man-fack]

The private DNS service is working properly on Mac OS and Linux, and browsers and other applications can parse DNS records normally, but iOS cannot parse private DNS records

[rookie-man-fack]

[ykorzikowski]

I don't know if this is the same issue, but I notice with the latest iOS / Netbird App, that the dns setting is not setup correct anymore.

I can ping my dns server from the iphone, but it still uses the dhcp one provided by my local network or the mobile provider one when on 4G/5G. Running the latest iOS17.3 and using the most recent netbird app 0.0.2.

[rookie-man-fack]

Yes, the packet capture shows that the iOS client does not smuggle DNS routes. This should be the system mechanism of iOS.

[bcmmbaga]

Hello @rookie-man-fack, we're unable to reproduce the issue on our end. It's important to note that not all terminal clients behaves well in iOS. I suggest testing the name resolution by accessing a web server connected via Netbird through a browser on your iOS device.

[Benricheson101]

I am having the same issue. Adding a DNS Nameserver with an IP accessible through a Network Route in Netbird works as expected on the desktop client, but no DNS queries seem to resolve on iOS.

[jacac]

Tests on a iPad were successful. On a iPhone we could not get DNS working. I've tried both with Match domains and All.

[alexstrzelecki]

Can confirm that iOS (iPhone) will not resolve any DNS via the selected nameserver while desktop clients do so without issue via the same network route. (Linux / MacOS).

[mlsmaycon]

Hello folks, we are working on a fix for this issue and we will push a release soon.

[mlsmaycon]

the fix is under review by Apple, we should have the version over the weekend or early next week.

[mlsmaycon]

The release is live. Let us know if you continue to face issues.

[rookie-man-fack]

iOS is updated to the latest version, but the internal DNS still cannot be resolved. For packet capture and observation, the DNS assigned by dhcp is still used. (Linux / MacOS)resolves normally.

[jacac]

Updated to version 0.0.3 and private DNS is working now. Thank you.

[snibbo71]

I have discovered, perhaps by accident, that at least in my setup, if you're wanting to use a private DNS relay then you MUST use a server that is running Netbird.

In my case, my private DNS server is on Openwrt and controls various local DNS entries. My NetBird network router though is a Proxmox LXC and none of the individual machines in my LAN run Netbird.

I had set my DNS server to be 192.168.0.1 (the LAN address of my OpenWRT router). This failed with a timeout and no amount of checking static routes managed to fix it. This seems to be because, for IOS at least on my configuration, the DNS Server on the client is set to 100.xxx.255.254 which is not pingable from the OpenWRT router. So the DNS request reaches the router, but its answer doesn't make it back to the client.

Setting up a DNS Proxy on the LXC and setting my Netbird DNS Server Address to be the LXC LAN address solves the problem and I can use private DNS.

I'm not sure if this is expected behaviour. For additional context here, I am using an LTE connection, which appears to be CGNATted and the client is being relayed.

Also, yes, I could use Netbird directly on OpenWRT which I have done, but the CPU load, even using kernel wireguard, is prohibitive, versus barely noticeable on the LXC, though presumably this is why the connection is relayed at present.

EDIT: Ignore the bit about using it on OpenWRT being unviable. I realised my OpenWRT netbird version was incredibly old because my OpenWRT firmware was 22.0x and not the latest 23.05 version. I've now updated my router and using a much newer NetBird release and the CPU usage is almost zero. So use NB on OpenWRT if you want to share LAN access :)