Nextdns stalls on mullvad VPN connect #873

Open
Tc-001 opened this issue Oct 2, 2023 · 1 comment
Labels
🐞 bug Something isn't working


Tc-001 commented Oct 2, 2023

Context

  • CLI Version: 1.40.1
  • Platform: NixOS

<Describe the bug>

I am using the nextdns service in nixos with the latest package from unstable.
The service looks like this:

cat /etc/systemd/system/nextdns.service
[Unit]
After=network.target
Before=nss-lookup.target
Description=NextDNS DNS/53 to DoH Proxy
StartLimitBurst=10
StartLimitIntervalSec=5
Wants=nss-lookup.target

[Service]
<...nix stuff...>

ExecStart=/nix/store/[...]/bin/nextdns run '-profile' 'xxxxxx' '-cache-size' '50MB' '-report-client-info' '-detect-captive-portals'
LimitMEMLOCK=infinity
RestartSec=120

When connecting/disconnecting to the mullvad VPN (official package, 2023.3), the DNS stops working, and I need to restart the service to have it working again.

> dig example.com
;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out
;; communications error to 127.0.0.1#53: timed out

; <<>> DiG 9.18.19 <<>> example.com
;; global options: +cmd
;; no servers could be reached

I have mullvad start after nextdns (as a part of a desktop autostart).

Logs and trace are below:
(Tailscale errors on both are because tailscale starts on boot before nextdns, and nextdns doesn't get internet connectivity for a bit more I guess)

These are on machine boot, as I took these before I narrowed it down to the auto-connecting VPN

nextdns log
https://pastebin.com/eg25z1mn

nextdns trace
https://pastebin.com/q3FmYvTD

These are when booting with VPN off, then turning it on (also stalls)

nextdns log
https://pastebin.com/9qrmhaa0

nextdns trace
https://pastebin.com/Gz1nz64h

config:

detect-captive-portals false
use-hosts true
log-queries false
mdns all
setup-router false
debug false
listen localhost:53
control /var/run/nextdns.sock
auto-activate true
cache-size 0
bogus-priv true
timeout 5s
discovery-dns 
hardened-privacy false
max-inflight-requests 256
cache-max-age 0s
max-ttl 0s
report-client-info false

@Tc-001 added the 🐞 bug (Something isn't working) label Oct 2, 2023

Tc-001 commented Oct 2, 2023

Hmmm... my system config has any external DNS being disabled, and mullvad would block any outgoing port 53, so it is possible that the app cannot reach a DNS server to bootstrap itself.
