netbird
Local DNS listener refuses connection after version 0.27.4
Describe the problem
Netbird linux client does not respond to DNS requests. (REFUSED) So after upgrading to 0.27.5 the local DNS resolver stopped working.
I have a server running my own DNS server. On this server I have a network which has the subnet 192.168.94.0/24.
I have set up a static route to this network and it's working perfectly.
The DNS server is running on the 192.168.94.53 IP and it is used for local only domain resolution.
For example: postgres.domain.com -> 192.168.94.20
This DNS server is configured for the "devnet" group. My user is added to this group.
On my own computer I get a netbird VPN IP: 100.111.5.11, the local DNS server should respond on this IP but it does NOT! Which means that there is no DNS resolution. In fact, I see that the netbird client is listening on port 53, but it refuses the connection:
dig google.com @100.111.5.11
However if I make the DNS request directly to my DNS server:
dig postgres.domain.com @192.168.94.53 I get an answer.
Downgrading to 0.27.4 solved the problem. Everything works as expected.
The platform is Linux, tested on Solus OS and Fedora, same error in both cases with 0.27.5
To Reproduce
Steps to reproduce the behavior:
- Upgrade to 0.27.5
- netbird up
- dig google.com @100.111.X.X -> REFUSED
- dig google.com @192.168.94.53 -> OK
Expected behavior
The DNS server should answer.
Are you using NetBird Cloud?
Yes NetBird Cloud
NetBird version
0.27.5
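The reproduction steps above compare a query sent to the NetBird address with one sent straight to the upstream nameserver. As an added example (not part of the original report and not NetBird code), the following Python script performs the same two probes without dig and separates a REFUSED answer from a timeout; the function names `build_query`, `parse_rcode`, `probe` and `verdict` are assumptions made for this example.

```python
import socket
import struct
import sys

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Encode a minimal DNS A/IN query (RFC 1035) with recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def parse_rcode(reply, qid=0x1234):
    """Return the RCODE name of a reply, or MALFORMED if it does not answer qid."""
    if len(reply) < 12:
        return "MALFORMED"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != qid or not flags & 0x8000:  # wrong transaction id or QR bit unset
        return "MALFORMED"
    return RCODES.get(flags & 0x000F, "RCODE%d" % (flags & 0x000F))

def probe(server, name, port=53, timeout=2.0):
    """Send one UDP query to server and classify the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, port))
            reply, _ = s.recvfrom(4096)
        except socket.timeout:
            return "TIMEOUT"
        except OSError as exc:  # e.g. no route to the nameserver
            return "ERROR:%s" % exc.__class__.__name__
    return parse_rcode(reply)

def verdict(local, upstream):
    """Map the two probe results onto where the fault sits."""
    if local == "NOERROR":
        return "local listener is answering"
    if upstream == "NOERROR":
        return "upstream is healthy; the fault is in the local listener (%s)" % local
    return "upstream is not answering (%s); check routing to the nameserver first" % upstream

if __name__ == "__main__":
    # usage: probe.py <name> <netbird-ip> <upstream-ip>
    name, local_ip, upstream_ip = sys.argv[1:4]
    local, upstream = probe(local_ip, name), probe(upstream_ip, name)
    print("local    %-15s %s" % (local_ip, local))
    print("upstream %-15s %s" % (upstream_ip, upstream))
    print(verdict(local, upstream))
```

Run it with the name to resolve, the NetBird IP of the client, and the address of the configured nameserver, in that order.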
Can you provide a netbird status -dA when on 0.27.5, please? Logs would also be helpful.
You can generate a bundle containing logs and the status output with netbird debug for 1m -A (anonymized)
netbird status -dA output:
OS: linux/amd64
Daemon version: 0.27.5
CLI version: 0.27.5
Management: Connected to https://api.netbird.io:443
Signal: Connected to https://signal.netbird.io:443
Relays:
[stun:stun.netbird.io:5555] is Unavailable, reason: dial: failed to listen: dial: dial udp: lookup stun.netbird.io on 127.0.0.53:53: server misbehaving
[turns:turn.netbird.io:443?transport=tcp] is Unavailable, reason: dial: dial: dial tcp: lookup turn.netbird.io on 127.0.0.53:53: server misbehaving
Nameservers:
[192.168.94.53:53] for [.] is Available
FQDN: fedora-lap.netbird.cloud
NetBird IP: 100.111.150.97/16
Interface type: Kernel
Quantum resistance: false
Routes: -
Peers count: 1/1 Connected
netbird debug for 1m -A shows nothing, just a timer.
DNS:
Thanks so far.
netbird debug for 1m -A shows nothing, just a timer.
It should print a file path at the end, does it not? You'll need root permissions to copy it from there.
@lixmal Hello, I have exactly the same problem on 0.27.5, downgrade to 0.27.4 resolved the issue.
This is what I have found in the log, I guess it is related to the issue:
2024-05-13T15:39:00+02:00 WARN [error: read udp 192.168.0.107:61401->10.0.35.1:53: i/o timeout, upstream: 10.0.35.1:53] client/internal/dns/upstream.go:102: got an error while connecting to upstream
2024-05-13T15:39:00+02:00 WARN [upstream: 10.0.35.1:53, error: read udp 192.168.0.107:49929->10.0.35.1:53: i/o timeout] client/internal/dns/upstream.go:102: got an error while connecting to upstream
2024-05-13T15:39:00+02:00 ERRO client/internal/dns/upstream.go:134: all queries to the upstream nameservers failed with timeout
2024-05-13T15:39:00+02:00 ERRO client/internal/dns/upstream.go:134: all queries to the upstream nameservers failed with timeout
Is it possible to send whole log via email?
Hello Folks, the PR #1975 will fix the issue. We will do a release soon after it is merged.
The new release is live. Please upgrade.
The new version works fine! Thanks!