No internet connection in emulated linux distros

[Unwhale]

Problem description

Every time I try different ways to install linux distributions like ubuntu, debian or kali and log in to use them, I find myself unable to download anything inside of them.
Steps to reproduce

I just used about 5 different ways of install linux in termux, including AnLinux, UserLand and some random manuals I googled.
Expected behavior

I expect emulated linux distribution to work properly and be able to use internet and download updates
Additional information
I am not sure if that is a correct place to report this, but if you have any probable ideas why don't my termux emulated linux distros can't connect to the net, please post them as answers.

Something else that might be important:

1. I am able to use pkg in termux just fine, so it does not seem to have fatal problems with internet itself.
2. I always check for an /etc/resolf.conf file inside emulated linux and it's always filled with google DNS ("nameserver 8.8.8.8 nameserver 8.8.4.4")

• Termux application version: 0.92
• Android OS version: 10
• Device model: sony G8441

[michalbednarski]

Issue doesn't appear on devices I use for testing, so it's probably something device specific

In order to see whats going on I'd need you to run following script and attach trace-outside.txt, trace-inside.txt and trace-proot.txt files from netprobe directory to this issue

#!/data/data/com.termux/files/usr/bin/bash
set -xe
pkg install -y wget proot strace
rm -rf netprobe
mkdir netprobe
cd netprobe
wget https://raw.githubusercontent.com/Neo-Oli/termux-ubuntu/master/ubuntu.sh
bash ubuntu.sh
wget http://ports.ubuntu.com/ubuntu-ports/pool/main/s/strace/strace_4.25-0ubuntu1_arm64.deb -O ubuntu-fs/root/strace.deb
strace -o trace-outside.txt wget http://ports.ubuntu.com/ubuntu-ports/pool/universe/b/busybox/busybox_1.27.2-2ubuntu7_arm64.deb -O ubuntu-fs/root/busybox.deb
echo dpkg -i ./busybox.deb ./strace.deb|./start-ubuntu.sh
echo strace -fo trace-inside.txt -vs5000 busybox wget http://detectportal.firefox.com/success.txt -O result1.txt|./start-ubuntu.sh||:
echo busybox wget http://detectportal.firefox.com/success.txt -O result2.txt|PROOT_VERBOSE=9 ./start-ubuntu.sh|&tee trace-proot.txt||:
mv -f ubuntu-fs/root/trace-inside.txt .

[Unwhale]

Thanks for the answer! Here are tge files you mentioned
trace-inside.txt
trace-outside.txt
trace-proot.txt

[michalbednarski]

I can see two differences between accessing network inside and outside proot:

1. In prooted distro, DNS queries are performed directly by application, while in Termux they are performed by system daemon to which application connects through /dev/socket/dnsproxyd unix socket. Inside prooted trace I see that DNS request appears to be successfully sent (sendmmsg returned success, although this doesn't mean that packet really left device), but response hasn't been received.
2. In Termux sockets are marked by sending them to /dev/socket/fwmarkd unix socket. This sets SO_MARK option on socket which may be used in system for selecting network and/or VPN which connection will use. This is done by Bionic (Android C library), which is not present in prooted distros.

I'd ask for running following command inside prooted distro and positing result; this will allow us to check if non-DNS traffic works inside prooted environment

busybox wget http://23.2.13.56/success.txt --header "Host: detectportal.firefox.com"

[Unwhale]

thanks, that's the output:

So does it mean that is the DNS problem and I have some way to properly configure them? Until now, I did not explore that part of linux much and all of my DNS practice was just changing /etc/resolv.conf to Google DNS.

[michalbednarski]

There are two possibilities:

1. Network you are connected to blocks traffic to these Google/Cloudflare DNS servers. If so you'd need to set /etc/resolv.conf to server your device is using. You can find it for example by using Network Info II app in WIFI tab
2. Device doesn't allow direct DNS or UDP traffic. In this case DNS requests must be performed with Bionic (Android C library). One way to do so, at least for guest programs using Glibc, would be to run this script outside proot, you'll need to create nscd directory and adjust path at bottom of script, see comments at bottom of that script for details.

[ghost]

Device doesn't allow direct DNS or UDP traffic.

This can be a privacy feature when DoH/DoT are enabled.

[Unwhale]

Thanks everyone who answered, I tried to use other network (my mobile network) instead of the one I had problems on and the prooted distro has internet. I was too sure my wi-fi won't cause the problem

[Tasbeehkhan]

Not works any thing what's the problem