DNS query encryption stops working

[ammnt]

Hello,

I am using version 7.5 beta 2 (build 3335, CL 1.7.16) and have connected my AGH server to encrypt DNS queries. But sometimes encryption stops working without any reason:

The detailed log is attached. Please, take a look!✌️

P.S.: it seems to me that at this moment everything is slowing down. And for DoH protocol same isssue😩

Thank you.
Cheers!

[adbuker]

@ammnt, does the issue occur, if you use DNS module without Adguard Home?

[ammnt]

@adbuker, I don't know yet. I don't need this module without AGH. That's what I need him for. But I'll try to test🤔

[ammnt]

@adbuker, yeah. The same thing for AdGuard DNS:

No upstream server specified here:

and then the DNS query in unencrypted form goes to the system DNS. In this case, my AGH server addresses are also listed as system addresses. Therefore, AdGuard stop to encrypt and compare DNS queries. Got it?

The log is attached too anyway.

[adbuker]

Thanks for the data, we'll work on it

[ammnt]

Thanks for the data, we'll work on it

The fix will be available in the next beta release? Thank you.

[adbuker]

@ammnt, please try the release candidate we've published yesterday. Does the issue still occur? Could you please test it also without AGH at all (your screenshot tells that you are using both products simultaneously)

[ammnt]

@ammnt, please try the release candidate we've published yesterday. Does the issue still occur? Could you please test it also without AGH at all (your screenshot tells that you are using both products simultaneously)

Unfortunately, I will not have that opportunity until at least 19 August. But I will try to do it for you somehow🙄

[adbuker]

thanks a lot, if it will be appropriate for you, I can connect to your computer remotely in order to speed up the process

[GauthierPLM]

I noticed the same issue with Adguard 7.5 nightly 17 & 18. I enabled DNS filtering and configured NextDNS as a custom DNS (DoH address is https://dns.nextdns.io/<configuration ID>/AdGuard_Windows).

The behaviour I noticed is as described by @ammnt : after a while (maybe computer reboot, I haven't tested), the DNS config is "disabled" and the system' DNS is used instead of the one configured in AdGuard.

• Going in settings and disabling and then enabling DNS filtering does not fix the issue.
• Setting the DNS server to one of the provided servers (for example AdGuard DNS) and back to the custom DNS fixes the issue. No need of restarting DNS filtering.
  Restarting AdGuard (quitting AdGuard and its service and restarting it) keep the DNS working.

[ammnt]

The queries are still leaking. I think need to find way how to minimize it:
https://forum.adguard.com/index.php?threads/adguard-7-5-1-got-problems-with-nextdns.39596/

[ammnt]

@adbuker, the leak stopped when I set the IP addresses and the stub domain via hosts file:

45.90.28.0 dns.nextdns.io
45.90.30.0 dns.nextdns.io

I thought that the problem arises during initial resolution.