search

passepartoutvpn / passepartout-app

VPN client for Apple platforms.
https://passepartoutvpn.app
GNU General Public License v3.0
780 stars 120 forks source link

DNS failed #289

Closed tcurdt closed 1 year ago

tcurdt commented 1 year ago

When using the Wireguard app I connect just fine. Using passepartout it keeps trying to connect but on every try says "DNS failed".

This is on macOS 12.6.3

App: Passepartout 2.1.0 (3457)
OS: iPadOS 15.7
Device: iPad (Catalyst)

14:59:16.886 INFO AppContext.init():45 - Logging to: file:///Users/tcurdt/Library/Group%20Containers/group.com.algoritmico.Passepartout/Library/Caches/App.log
14:59:16.906 INFO ProductManager.reloadReceipt():274 - Purchased features: []
14:59:40.984 INFO ProfileManager.liveProfileEx():147 - Found profile: {A605615B-609B-4CD0-990A-A9FB37F010B2, 'home (Berlin)'}
14:59:40.990 INFO VPNManager+Actions.connect():65 - Connecting to: {A605615B-609B-4CD0-990A-A9FB37F010B2, 'home (Berlin)'}
14:59:40.993 WARNING AppContext.isEligibleForOnDemandRules():97 - Ignore on-demand rules, not eligible for trusted networks
14:59:40.994 INFO ProfileManager.saveProfile():181 - Writing profile {A605615B-609B-4CD0-990A-A9FB37F010B2, 'home (Berlin)'} to persistent store
14:59:40.998 INFO ProfileManager.saveProfile():186 -    Activating profile...
14:59:41.002 INFO ProfileManager.saveProfile():199 - Saved profile is also current profile, updating...
14:59:41.003 INFO VPNManager.reconnect():100 - Reconnecting VPN (with new configuration)
14:59:41.005 INFO TunnelKitVPNManagerStrategy.connect():152 - Reconnecting VPN...
14:59:47.554 INFO VPNManager.disable():112 - Disabling VPN

Checking the VPN logs I am seeing

App: Passepartout 2.1.0 (3457)
OS: iPadOS 15.7
Device: iPad (Catalyst)

14:59:45 - DNS resolution failed for the following hostnames: <hidden>.duckdns.org

But it resolves just fine

$ ping <hidden>.duckdns.org
PING <hidden>.duckdns.org (84.140.135.221): 56 data bytes
64 bytes from 84.140.135.221: icmp_seq=0 ttl=61 time=25.877 ms
keyute commented 1 year ago

is your dns a private ip? it seems like the app is using the dns defined in the config to resolve the hostname

tcurdt commented 1 year ago

Interesting. Yes, the DNS server is a private IP.

And it's a little weird I cannot reach it through wireguard.

https://www.reddit.com/r/WireGuard/comments/12hzcvk/dns_problems_from_macos_client/

So I guess the two problems are related then.

keyute commented 1 year ago

you can set a public dns (such as 1.1.1.1) as a fallback. this works well with the wireguard client but not passepartout as it will use whatever that resolved the hostname which makes setting a private dns pointless.

tcurdt commented 1 year ago

you can set a public dns (such as 1.1.1.1) as a fallback. this works well with the wireguard client but not passepartout as it will use whatever that resolved the hostname which makes setting a private dns pointless.

I am sorry but I am not sure what you mean by "it will use whatever that resolved the hostname which makes setting a private dns pointless". The private DNS server also acts as a forwarder and will also resolve external IPs. If that is you concern. But the DNS server can only be reached once the connection is established.

And even then I am still struggling with the problem that wireguard doesn't allow the DNS query when the connection is established.

keeshux commented 1 year ago

@tcurdt please let me know if the 2.1.1 hotfix resolves your issue.

tcurdt commented 1 year ago

I fear testing from behind the router on the LAN might not give a good data point whether it works or not. I will report back as soon as I can test this outside the LAN.

What was changed in the hotfix?