`http.address` overrules `dns.bind_hosts` for DoH listener

Open linuxgemini opened this issue 1 year ago • 1 comments

Prerequisites

[X] I have checked the Wiki and Discussions and found no answer
[X] I have searched other issues and found no duplicates
[X] I want to report a bug and not ask a question or ask for help
[X] I have set up AdGuard Home correctly and configured clients to use it. (Use the Discussions for help with installing and configuring clients.)

Platform (OS and CPU architecture)

Linux, ARM64

Installation

GitHub releases or script from README

Setup

On one machine

AdGuard Home version

v0.108.0-b.59

Action

Create a regular AGH instance.
Enable encrypted services, with:
- A hostname (not IP) as the server name.
- Use a TLS certificate that does not have IPs as SAN.
- Make sure HTTPS port is set to 443.
Stop AGH.
Do the following changes to AdGuardHome.yaml:
- Set http.address to 127.0.0.1:80
- Set dns.bind_hosts to other IP addresses the host might have, for instance:
```
dns:
  bind_hosts:
    - 192.0.2.1
    - 2001:db8::1
```
Start AGH.
Connect to one of the bind hosts using HTTPS.

Expected result

AGH should be responding with the DoH listener.

Actual result

AGH not responding as its not listening on the dns.bind_hosts addresses for DoH.

Additional information and/or screenshots

System Information:

root@agh-demohost:~# uname -a
Linux agh-demohost 6.1.0-26-arm64 #1 SMP Debian 6.1.112-1 (2024-09-30) aarch64 GNU/Linux
root@agh-demohost:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 12 (bookworm)
Release:        12
Codename:       bookworm
root@agh-demohost:~#

The host contains 3 public IP addresses for each IP version, so 3 IPv4 and 3 IPv6 addresses totaling to 6 addresses. All addresses have seperate purposes and is delegated to the same interface.

Related (redacted) interfaces(5) config:

auto enp7s0
iface enp7s0 inet static
	address 37.xxx.yyy.zz/22
	gateway 37.xxx.yyy.1
iface enp7s0 inet static
	address 81.tt.dd.ppn/32
iface enp7s0 inet static
	address 81.tt.dd.ppm/32

iface enp7s0 inet6 static
	address 2a03:XXXX:X:XX::/64
	gateway fe80::1
iface enp7s0 inet6 static
	address 2a03:XXXX:X:XX::YYY/128
	preferred-lifetime 0
iface enp7s0 inet6 static
	address 2a03:XXXX:X:XX::ZZZ/128
	preferred-lifetime 0

For reference, one IP pair is for the server itself, one pair is for pdns-recursor and dnsproxy, and last pair is for AGH.

Only in AGH I couldn't get dual stack working (without setting a global listener like 0.0.0.0 or [::], which led me discovering this bug.

Oct 31 '24 00:10 linuxgemini

I can also confirm this, is there any movement on this issue?

Apr 30 '25 01:04 kyletpugh