DNS resolve issues with Adguard

Started by Tosch, December 22, 2023, 01:41:53 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 22, 2023, 01:41:53 PM Last Edit: December 22, 2023, 02:33:09 PM by Tosch
Hi all,

I'm running Adguard (v0.107.43, mimugmail) and OPNSense (23.7.10_1).



  • Unbound listens on 5353
  • Adguard's UI is running on 8080, listening on 53 (and "Primary DNS" checked)

My clients can't resolve any IP anymore. This happened several times in the last 2 weeks. After a while it just returned working.

This morning, I had the same. While I'm browsing rom one second to another no website is reachable, anymore. Pinging an IP still works.

Even switching off Adguard in its GUI doesn't resolve the issue.


I do have a VLAN that does not use AdGuard. Once connected to that: Everything works as usual (Services->DHCPv4->[NameofVLAN]->DNS Servers set to 1.1.1.1 + 8.8.8.8)

Here's a list of my Upstream DNS Servers:
Code Select
8.8.8.8
[/wald/]192.168.1.1:5353
https://dns10.quad9.net/dns-query
1.1.1.1
h3://dns.cloudflare.com/dns-query

dns10.quad9.net/dns-query was down this morning and I had a short period of success, when I added 8.8.8.8. to the top, but now I'm facing the same issue, again.

Not sure, where to start digging for a solution. I'd love to have a stable environment, so my family can use the internet as they are used to, when I'm not at home fixing stuff.

Any help pushing me in the right direction is appreciated!
December 23, 2023, 09:43:58 AM #1
HI, my 2c on this.

I'm in no way an expert on this but start with moving unbound from the mDNS port 5353. I've got it on 8053.

I have adguard running with working forward and backward lookup
Upstream DNS servers
Code Select
tls://security.cloudflare-dns.com
[/home/]192.168.32.1:8053
To my understanding only encrypted request are made externally.

Private reverse:
Code Select
192.168.32.1:8053

Then to troubleshoot, what happens if you try to resolve names against it?
On windows, an external and interal lookup test:
Code Select
> nslookup www.google.com 192.168.32.1
Server:  fwa
Address:  192.168.32.1

Non-authoritative answer:
Name:    www.google.com
Addresses:  2a00:1450:400f:804::2004
          142.250.74.132

> nslookup hva.home 192.168.32.1
Server:  fwa
Address:  192.168.32.1

Name:    hva.home
Address:  192.168.32.20
February 10, 2024, 04:12:01 AM #2
Just curious if you ever figured this out? I've been having the same issue lately. It usually works fine but occasionally stops working. A reboot or adguard reload seems to fix it but the reliability is not good. I'm not using Unbound and I have adguard on port 53.
Print
Go Up Pages1
User actions