Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

An issue with providers relying on their DNS servers to provide IPv4-mapped addresses #1884

Closed
ameshkov opened this issue May 22, 2018 · 19 comments

Comments

Projects
None yet
6 participants
@ameshkov
Copy link
Member

commented May 22, 2018

Just when I thought I was out, they pulled me back:
#1804 (comment)

Steps to reproduce (Sprint):

  1. Use the build with a new TUN address: https://uploads.adguard.com/up04_hichx_adguard_tun_address_settings.apk
  2. Enable DNS filtering module
  3. Use a custom DNS server (any of them)
  4. Use the speedtest app

For some reason, the LTE is throttled to 2 Mbps.
No issue when using the system default DNS.

T-Mobile

Using a custom DNS server is impossible, they don't let using IPv4 addresses at all.

What do we need

Here's what we need:
#1884 (comment)

Edit: Got the logs for Sprint on Android: #1884 (comment)

@ameshkov ameshkov changed the title Galaxy S9 + Sprint + AG + Custom DNS server: slows down LTE upload/download speed Galaxy S9 + Sprint + AG + Custom DNS server: slows down LTE upload/download speeds May 22, 2018

@Kaiser23k

This comment has been minimized.

Copy link

commented May 22, 2018

I just keep bringing you problems, sorry.

Anyways, this issue does not affect Wi-Fi, just LTE.
And only custom DNS servers.

That's all I have for you at this time.

@ameshkov

This comment has been minimized.

Copy link
Member Author

commented May 22, 2018

No worries and thank you for helping us resolve them :)

@Kaiser23k

This comment has been minimized.

Copy link

commented May 27, 2018

Disabling AG for Speedtest app while using a custom DNS fixes the issue.
Disabling "Ad blocking" while keeping AG Enabled for Speedtest does not work.
I'll keep trying other things.

@Kaiser23k

This comment has been minimized.

Copy link

commented Jun 1, 2018

Not sure if this will help, but I will run "ip addr show" in adb shell with:
DNS Disabled
DNS Enabled, System DNS
DNS Enabled, Custom DNS

I'll paste them in separate posts.

@Kaiser23k

This comment has been minimized.

Copy link

commented Jun 1, 2018

DNS DISABLED

star2qlteue:/ $ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 2e:9f:24:20:4f:2a brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 36:86:86:75:23:ba brd ff:ff:ff:ff:ff:ff
inet6 fe80::3486:86ff:fe75:23ba/64 scope link
valid_lft forever preferred_lft forever
4: sit0@NONE: mtu 1480 qdisc noop state DOWN group default qlen 1
link/sit 0.0.0.0 brd 0.0.0.0
5: p2p0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 8e:45:00:71:b9:72 brd ff:ff:ff:ff:ff:ff
6: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 8c:45:00:71:b9:72 brd ff:ff:ff:ff:ff:ff
7: rmnet_ipa0: <UP,LOWER_UP> mtu 2000 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/[530]
8: rmnet_data0: <UP,LOWER_UP> mtu 1422 qdisc htb state UNKNOWN group default qlen 1000
link/[530]
inet6 2600:1:971c:afa4:6cbc:b623:40c6:aab8/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::522c:bc13:f71f:917c/64 scope link
valid_lft forever preferred_lft forever
9: rmnet_data1: <UP,LOWER_UP> mtu 1422 qdisc htb state UNKNOWN group default qlen 1000
link/[530]
inet6 2600:2:8825:84be:0:5e:1ce8:6301/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ef7b:2738:a411:237b/64 scope link
valid_lft forever preferred_lft forever
10: rmnet_data2: <> mtu 1422 qdisc noop state DOWN group default qlen 1000
link/[530]
11: rmnet_data3: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
12: rmnet_data4: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
13: rmnet_data5: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
14: rmnet_data6: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
15: rmnet_data7: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
16: epdg0: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
17: epdg1: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
18: epdg2: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
19: epdg3: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
20: epdg4: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
23: v4-rmnet_data0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1394 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 192.0.0.4/32 brd 192.0.0.4 scope global v4-rmnet_data0
valid_lft forever preferred_lft forever
inet6 fe80::8dba:1c7:e189:8d37/64 scope link flags 800
valid_lft forever preferred_lft forever
25: tun0: <POINTOPOINT,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 172.18.11.218/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 2001:db8:ad:0:ff::/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::2a76:23c2:ddc9:d2de/64 scope link flags 800
valid_lft forever preferred_lft forever

@Kaiser23k

This comment has been minimized.

Copy link

commented Jun 1, 2018

DNS ENABLED, SYSTEM DNS

star2qlteue:/ $ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 2e:9f:24:20:4f:2a brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 36:86:86:75:23:ba brd ff:ff:ff:ff:ff:ff
inet6 fe80::3486:86ff:fe75:23ba/64 scope link
valid_lft forever preferred_lft forever
4: sit0@NONE: mtu 1480 qdisc noop state DOWN group default qlen 1
link/sit 0.0.0.0 brd 0.0.0.0
5: p2p0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 8e:45:00:71:b9:72 brd ff:ff:ff:ff:ff:ff
6: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 8c:45:00:71:b9:72 brd ff:ff:ff:ff:ff:ff
7: rmnet_ipa0: <UP,LOWER_UP> mtu 2000 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/[530]
8: rmnet_data0: <UP,LOWER_UP> mtu 1422 qdisc htb state UNKNOWN group default qlen 1000
link/[530]
inet6 2600:1:971c:afa4:6cbc:b623:40c6:aab8/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::522c:bc13:f71f:917c/64 scope link
valid_lft forever preferred_lft forever
9: rmnet_data1: <UP,LOWER_UP> mtu 1422 qdisc htb state UNKNOWN group default qlen 1000
link/[530]
inet6 2600:2:8825:84be:0:5e:1ce8:6301/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ef7b:2738:a411:237b/64 scope link
valid_lft forever preferred_lft forever
10: rmnet_data2: <> mtu 1422 qdisc noop state DOWN group default qlen 1000
link/[530]
11: rmnet_data3: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
12: rmnet_data4: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
13: rmnet_data5: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
14: rmnet_data6: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
15: rmnet_data7: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
16: epdg0: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
17: epdg1: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
18: epdg2: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
19: epdg3: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
20: epdg4: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
23: v4-rmnet_data0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1394 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 192.0.0.4/32 brd 192.0.0.4 scope global v4-rmnet_data0
valid_lft forever preferred_lft forever
inet6 fe80::8dba:1c7:e189:8d37/64 scope link flags 800
valid_lft forever preferred_lft forever
27: tun0: <POINTOPOINT,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 172.18.11.218/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 2001:db8:ad:0:ff::/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::d10:682d:bd74:7496/64 scope link flags 800
valid_lft forever preferred_lft forever

@Kaiser23k

This comment has been minimized.

Copy link

commented Jun 1, 2018

DNS ENABLED, CUSTOM DNS

star2qlteue:/ $ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 2e:9f:24:20:4f:2a brd ff:ff:ff:ff:ff:ff
3: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 36:86:86:75:23:ba brd ff:ff:ff:ff:ff:ff
inet6 fe80::3486:86ff:fe75:23ba/64 scope link
valid_lft forever preferred_lft forever
4: sit0@NONE: mtu 1480 qdisc noop state DOWN group default qlen 1
link/sit 0.0.0.0 brd 0.0.0.0
5: p2p0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 8e:45:00:71:b9:72 brd ff:ff:ff:ff:ff:ff
6: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 8c:45:00:71:b9:72 brd ff:ff:ff:ff:ff:ff
7: rmnet_ipa0: <UP,LOWER_UP> mtu 2000 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/[530]
8: rmnet_data0: <UP,LOWER_UP> mtu 1422 qdisc htb state UNKNOWN group default qlen 1000
link/[530]
inet6 2600:1:971c:afa4:6cbc:b623:40c6:aab8/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::522c:bc13:f71f:917c/64 scope link
valid_lft forever preferred_lft forever
9: rmnet_data1: <UP,LOWER_UP> mtu 1422 qdisc htb state UNKNOWN group default qlen 1000
link/[530]
inet6 2600:2:8825:84be:0:5e:1ce8:6301/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ef7b:2738:a411:237b/64 scope link
valid_lft forever preferred_lft forever
10: rmnet_data2: <> mtu 1422 qdisc noop state DOWN group default qlen 1000
link/[530]
11: rmnet_data3: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
12: rmnet_data4: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
13: rmnet_data5: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
14: rmnet_data6: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
15: rmnet_data7: <> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/[530]
16: epdg0: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
17: epdg1: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
18: epdg2: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
19: epdg3: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
20: epdg4: <POINTOPOINT,MULTICAST,NOARP> mtu 1422 qdisc noop state DOWN group default qlen 500
link/none
23: v4-rmnet_data0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1394 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 192.0.0.4/32 brd 192.0.0.4 scope global v4-rmnet_data0
valid_lft forever preferred_lft forever
inet6 fe80::8dba:1c7:e189:8d37/64 scope link flags 800
valid_lft forever preferred_lft forever
31: tun0: <POINTOPOINT,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 172.18.11.218/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 2001:db8:ad:0:ff::/128 scope global
valid_lft forever preferred_lft forever
inet6 fe80::4a44:fb72:c28:7bdb/64 scope link flags 800
valid_lft forever preferred_lft forever

@Kaiser23k

This comment has been minimized.

Copy link

commented Jun 1, 2018

I was unable to find any difference between them. Guess this didn't help :(

@ameshkov

This comment has been minimized.

Copy link
Member Author

commented Jun 11, 2018

I think I have an idea!

We need to compare the IP addresses resolved by the system default DNS to the ones resolved by the custom DNS. Sprint might be using the same IPv4-mapping trick as T-Mobile.

So, I need two sets of logs (custom DNS and system default DNS) recorded with the "record everything" logging level.

@Kaiser23k

This comment has been minimized.

Copy link

commented Jun 11, 2018

@ameshkov

This comment has been minimized.

Copy link
Member Author

commented Jun 12, 2018

So, here's what I see.

In the Cloudflare DNS case, it resolves the A record (IPv4), but not the AAAA record (IPv6):

DNS id=10000028 question=ookla1.tacmwa.sprintadp.net.	0	IN	AAAA answer=Empty
DNS id=10000029 question=ookla1.tacmwa.sprintadp.net.	0	IN	A answer=A: 204.180.152.6 (ttl=1620)

However, the system default DNS returns an AAAA response as well:

DNS id=10000084 question=ookla1.tacmwa.sprintadp.net.	0	IN	AAAA answer=AAAA: 2600:0:cf02:ff64::ccb4:9806 (ttl=180)
DNS id=10000085 question=ookla1.tacmwa.sprintadp.net.	0	IN	A answer=A: 204.180.152.6 (ttl=84475)

I assume that the AAAA record is a Sprint's IPv4-mapped address. All these mapped addresses have the same prefix: 2600:0:cf02:ff64::.

@ameshkov

This comment has been minimized.

Copy link
Member Author

commented Jun 12, 2018

IPv4 to long (204.180.152.6) = 3434387462
Hex to integer (ccb4:9806) = 3434387462

Yeah, this is a mapped address, and we can emulate this behavior on our side. That will let Sprint users use custom DNS servers with no throttling.

However, I'd better wait and collect logs from users with other operators (T-Mobile at least) just to see if they're using the same approach.

There's a similar issue on Android and iOS, and I'd like us to resolve both: AdguardTeam/AdguardForiOS#796

@ameshkov ameshkov changed the title Galaxy S9 + Sprint + AG + Custom DNS server: slows down LTE upload/download speeds An issue with providers relying on their DNS servers to provide IPv4-mapped addresses Jun 12, 2018

@ameshkov ameshkov added Compatibility and removed Android bug labels Jun 12, 2018

@ameshkov ameshkov self-assigned this Jun 12, 2018

@ameshkov ameshkov added this to the 3.0 milestone Jun 12, 2018

@sfionov

This comment has been minimized.

Copy link
Member

commented Jun 12, 2018

Android uses this RFC for PLAT prefix detection on IPv6-only APNs:
https://tools.ietf.org/rfc/rfc7050.txt

@ameshkov

This comment has been minimized.

Copy link
Member Author

commented Jun 12, 2018

Sounds rather simple to implement.

  1. On a network change, make an AAAA request for the "Well-Known IPv4-only Name" (ipv4only.arpa.) to the system default DNS server.
  2. If there's a response, mark the network as DNS64-enabled.
  3. Look through all of the received AAAA resource records and collect the prefixes. To simplify things, we will be using the first discovered prefix.
@admitrevskiy

This comment has been minimized.

Copy link

commented Sep 26, 2018

Resolved in 3.0

Testing instructions:
No needs, we can't emulate IPv6 only network with DNS64 system server

@Kaiser23k

This comment has been minimized.

Copy link

commented Sep 26, 2018

Is there currently a V3.0 beta or nightly build I can use?

@ameshkov

This comment has been minimized.

Copy link
Member Author

commented Sep 26, 2018

@Kaiser23k not yet ready for nightlies unfortunately

@TPS

This comment has been minimized.

Copy link
Contributor

commented Nov 11, 2018

@Kaiser23k Try https://agrd.io/android_nightly for ≥ v3.056ƞ

Btw, followed entire discussion @ #1804 & here. Absolutely fascinating!

@Kaiser23k

This comment has been minimized.

Copy link

commented Nov 14, 2018

Everything so far seems to be working correctly now. 👍
I'll let you know if I find anything else not working correctly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.