Comments (23)
I'll have to test and see.. is it raspberry pi 64bit? you are using? cause 64bit came out February and could have issues.. if you do try 32bit and see if you get same errors
or it could be cloudflare version
Yes I was using 32Bit and this issue was present, moved to 64 Bit and the issue still happens
I am using the latest clodflared version present FYI
from adguard-wireguard-unbound-dnscrypt.
@eltonajmenezes use this method i suggested in #28 (comment) for DoH. I guess I can add this to wiki as an alternative for Cloudflared tunnel client.
DNSCrypt - a DNS(DoH) proxy client.
I will try and replicate this and see what the dependencies are on my instance.
Maybe something is interfering. I will get back to you on this in a few days.
from adguard-wireguard-unbound-dnscrypt.
I'll have to test and see.. is it raspberry pi 64bit? you are using? cause 64bit came out February and could have issues.. if you do try 32bit and see if you get same errors
or it could be cloudflare version
from adguard-wireguard-unbound-dnscrypt.
I realized one more thing.
Immediately after a restart the service seems to be fine and the behavior of 1.1.1.1/help DoH is also ok
from adguard-wireguard-unbound-dnscrypt.
@eltonajmenezes I get no errors after reboot on Raspberry OS 64bit. and I saw no issues like yours on https://github.com/cloudflare/cloudflared
It's doesn't happen immediately. It happens all of a sudden, I will keep an eye and report back to you
from adguard-wireguard-unbound-dnscrypt.
@eltonajmenezes sorry I now saw the issues on cloudflare/cloudflared#91 and cloudflare/cloudflared#306.. I guess its something i cannot fix. I tried rebooting shutting down pi and rebooting router but issue do not shows for me still..
from adguard-wireguard-unbound-dnscrypt.
@eltonajmenezes use this method i suggested in #28 (comment) for DoH. I guess I can add this to wiki as an alternative for Cloudflared tunnel client.
DNSCrypt - a DNS(DoH) proxy client.
from adguard-wireguard-unbound-dnscrypt.
@eltonajmenezes I saw this person said they found a fix cloudflare/cloudflared#306 (comment), try it and see if it works for you
open:
sudo nano /etc/default/cloudflared
from adguard-wireguard-unbound-dnscrypt.
@eltonajmenezes I saw this person said they found a fix cloudflare/cloudflared#306 (comment), try it and see if it works for you
open:
sudo nano /etc/default/cloudflared
add :
--max-upstream-conns 50
@trinib
Yes I did try this in fact but it did not help at all.
I think I have narrowed down a possibility but need to observe and check.
from adguard-wireguard-unbound-dnscrypt.
it seems this issue happens for some and not everyone, some say it's a isp and router issue. cloudflare/cloudflared#91 (comment)
See if this works cloudflare/cloudflared#91 (comment)
from adguard-wireguard-unbound-dnscrypt.
it seems this issue happens for some and not everyone, some say it's a isp and router issue. cloudflare/cloudflared#91 (comment)
See if this works cloudflare/cloudflared#91 (comment)
Doubt it's an ISP issue, and I do not have the hosts directory on my system.
from adguard-wireguard-unbound-dnscrypt.
it seems this issue happens for some and not everyone, some say it's a isp and router issue. cloudflare/cloudflared#91 (comment)
See if this works cloudflare/cloudflared#91 (comment)Doubt it's an ISP issue, and I do not have the hosts directory on my system.
you can create it .
from adguard-wireguard-unbound-dnscrypt.
This issue with cloudflare is really weird .. Hear this I have a good idea .. to really see if it's cloudfared or just your location isp router etc .. I want you to try on a VPS !!!. here is my personal referral link for free $35-https://www.vultr.com/?ref=9113990-8H
for first user signup(limited). or if it do not work here is regular referral for $10-https://www.vultr.com/?ref=9113188
let me know if you need help setting it up .. it pretty easy and quick .. watch a youtube guide if issue
from adguard-wireguard-unbound-dnscrypt.
firefox_5Cpl9ZQOgB.mp4
from adguard-wireguard-unbound-dnscrypt.
Thank you, will look into this and revert shortly. So you want me to test this on a virtual server right?
from adguard-wireguard-unbound-dnscrypt.
Thank you, will look into this and revert shortly. So you want me to test this on a virtual server right?
yes
from adguard-wireguard-unbound-dnscrypt.
After using DNScrypt running on port 5335 as well I have started to see this issue where the upstream server sporadically works and stops most of the time.
Even after restarting the service I noticed this error wouldn't go away.
May 12 18:11:37 eltonsraspberrypi dnscrypt-proxy[546859]: [2022-05-12 18:11:37] [ERROR] Get "https://dns.cloudflare.com/dns-query?dns=yv4BAAABAAAAAAABAAACAAEAACkQAAAAAAAAFAAMABDnWpigWoLlJKOn36NBJY-N": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
So I stopped the service, changed the port again to 53000 and started it.
but again it stopped
I even did a test in this manner and I got a reply
curl portquiz.net:5335 --connect-timeout 1
But when I tested this way
dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5335
I got a response ; <<>> DiG 9.16.27-Debian <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 5335
;; global options: +cmd
;; connection timed out; no servers could be reached
from adguard-wireguard-unbound-dnscrypt.
After using DNScrypt running on port 5335 as well I have started to see this issue where the upstream server sporadically works and stops most of the time.
Even after restarting the service I noticed this error wouldn't go away.
May 12 18:11:37 eltonsraspberrypi dnscrypt-proxy[546859]: [2022-05-12 18:11:37] [ERROR] Get "https://dns.cloudflare.com/dns-query?dns=yv4BAAABAAAAAAABAAACAAEAACkQAAAAAAAAFAAMABDnWpigWoLlJKOn36NBJY-N": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
So I stopped the service, changed the port again to 53000 and started it.
but again it stopped I even did a test in this manner and I got a reply curl portquiz.net:5335 --connect-timeout 1
But when I tested this way dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5335
I got a response ; <<>> DiG 9.16.27-Debian <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 5335 ;; global options: +cmd ;; connection timed out; no servers could be reached
You need to show your configurations ..
from adguard-wireguard-unbound-dnscrypt.
for me i like to share my result unbound , cloudflare-proxy , dnscrypt-proxy working fine (form me i use family upstream you can use the properly you need)
############################# Dig result as following 👍
dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5335 (Unbound dns) ; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 5335 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12068 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;sigfail.verteiltesysteme.net. IN A ;; Query time: 412 msec ;; SERVER: 127.0.0.1#5335(127.0.0.1) (UDP) ;; WHEN: Fri May 13 11:42:42 EEST 2022 ;; MSG SIZE rcvd: 57 dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5053 ; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 5053 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56216 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; COOKIE: e48ef842b2bf56b5 (echoed) ;; QUESTION SECTION: ;sigfail.verteiltesysteme.net. IN A ;; Query time: 12 msec ;; SERVER: 127.0.0.1#5053(127.0.0.1) (UDP) ;; WHEN: Fri May 13 11:42:51 EEST 2022 ;; MSG SIZE rcvd: 69 dig sigfail.verteiltesysteme.net @127.0.0.1 -p 6053 (dnscrypt-proxy) ; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 6053 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61243 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;sigfail.verteiltesysteme.net. IN A ;; Query time: 44 msec ;; SERVER: 127.0.0.1#6053(127.0.0.1) (UDP) ;; WHEN: Fri May 13 11:42:54 EEST 2022 ;; MSG SIZE rcvd: 57
@jo20201 what os and hardware are you using ? .. you get alot of errors for Unbound . It should look like this
.. I know the fix for the warning "warning: so-rcvbuf 1048576" . You need to open sudo nano /etc/sysctl.conf
and add
net.core.rmem_max=1048576
I get that error on a VM Ubuntu, not sure about Pi at the moment(waiting on power supply).. those other errors are weird
from adguard-wireguard-unbound-dnscrypt.
for me i like to share my result unbound , cloudflare-proxy , dnscrypt-proxy working fine (form me i use family upstream you can use the properly you need)
![]()
![]()
############################# Dig result as following 👍dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5335 (Unbound dns) ; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 5335 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12068 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;sigfail.verteiltesysteme.net. IN A ;; Query time: 412 msec ;; SERVER: 127.0.0.1#5335(127.0.0.1) (UDP) ;; WHEN: Fri May 13 11:42:42 EEST 2022 ;; MSG SIZE rcvd: 57 dig sigfail.verteiltesysteme.net @127.0.0.1 -p 5053 ; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 5053 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56216 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; COOKIE: e48ef842b2bf56b5 (echoed) ;; QUESTION SECTION: ;sigfail.verteiltesysteme.net. IN A ;; Query time: 12 msec ;; SERVER: 127.0.0.1#5053(127.0.0.1) (UDP) ;; WHEN: Fri May 13 11:42:51 EEST 2022 ;; MSG SIZE rcvd: 69 dig sigfail.verteiltesysteme.net @127.0.0.1 -p 6053 (dnscrypt-proxy) ; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> sigfail.verteiltesysteme.net @127.0.0.1 -p 6053 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61243 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;sigfail.verteiltesysteme.net. IN A ;; Query time: 44 msec ;; SERVER: 127.0.0.1#6053(127.0.0.1) (UDP) ;; WHEN: Fri May 13 11:42:54 EEST 2022 ;; MSG SIZE rcvd: 57@jo20201 what os and hardware are you using ? .. you get alot of errors for Unbound . It should look like this
.. I know the fix for the warning "warning: so-rcvbuf 1048576" . You need to opensudo nano /etc/sysctl.conf
and addnet.core.rmem_max=1048576
I get that error on a VM Ubuntu, not sure about Pi at the moment(waiting on power supply).. those other errors are weird
Thx dude now the issue fixed with your help and I disable the log
What are you running Unbound on ? I still see these messages "notice: init module..."
from adguard-wireguard-unbound-dnscrypt.
this error in config file for unbound related with
# Ensure kernel buffer is large enough to not lose messages in traffix spikes so-rcvbuf: 4m so-sndbuf: 4m
@jo20201 yea your right. 4m seems to work fine on PI. I do not know exactly why that happens in Ubuntu. you still have not said what are you running it on.
There is another way I figured out. You can set it in unbound.conf
in kb. For example if it shows :
Open sudo nano /etc/unbound/unbound.conf.d/unbound.conf
and set
Restart service:
sudo systemctl restart unbound
and no error
from adguard-wireguard-unbound-dnscrypt.
this error in config file for unbound related with
# Ensure kernel buffer is large enough to not lose messages in traffix spikes so-rcvbuf: 4m so-sndbuf: 4m@jo20201 yea your right. 4m seems to work fine on PI. I do not know exactly why that happens in Ubuntu. you still have not said what are you running it on.
There is another way I figured out. You can set it inunbound.conf
in kb. For example if it shows :
Opensudo nano /etc/unbound/unbound.conf.d/unbound.conf
and set
Restart service:sudo systemctl restart unbound
and no error
my OS is ubuntu 22.04
@jo20201 what hardware ? no VM right ? if using PI, I guess its a Ubuntu thing ..
from adguard-wireguard-unbound-dnscrypt.
@eltonajmenezes i have been using it for a while and issue has not arrive for me.
from adguard-wireguard-unbound-dnscrypt.
Related Issues (20)
- Auto update for pi HOT 2
- DoT not working with own public domain and SSL certificate HOT 2
- [feature]: Leverage Black Mirror to handle general blacklisting HOT 4
- Turn off DNSStubListener
- Raspberry Pi OS doesn't seem to adhere to DoH but clients do? HOT 21
- warning: so-rcvbuf HOT 2
- AdGuard Home memory issue HOT 1
- How to: Make AdGuard UI and DNS service ports only accessible via VPN HOT 1
- More complete tutorial for Adguard+Wireguard+Knot+DnsCrypt(oDoH) HOT 4
- Got error about Unbound (so-rcvbuf and so-sendbuf) HOT 5
- Adguard home all interface HOT 26
- Stop promoting Cloudflare and DoH services! HOT 38
- Default Provided Unbound Config Does Not Work With DnsCrypt HOT 35
- Website stops loading due to DNS HOT 5
- DOH not working and not showing on cloudfare website. HOT 35
- SERVFAIL ISSUES HOT 8
- Unbound self-compiling from latest source HOT 10
- How can i setup netmaker + adguard + unbound HOT 3
- Updating block lists HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from adguard-wireguard-unbound-dnscrypt.