diag
diag copied to clipboard
Published
20 hours ago •
nextdns
nextdns
Diag not playing nice with Little Snitch
Hey -- seems like running this script generates a different binary name (ie nextdns-diag-16136).
This means every time this runs I need to allow this in Little Snitch's firewall rules. However, the script does not wait and before I can click allow, it already fails in the script.
Do you want to continue? (press enter to accept)
Testing IPv6 connectivity
available: false
Fetching https://test.nextdns.io
Fetch error: Get "https://test.nextdns.io": unexpected EOF
For example, I do have IPv6 connectivity:
$ ping6 google.be -c 1
PING6(56=40+8+8 bytes) 2404:e801:200e:227f:8cab:3eee:8919:9502 --> 2404:6800:4003:c03::5e
16 bytes from 2404:6800:4003:c03::5e, icmp_seq=0 hlim=108 time=6.519 ms
--- google.be ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 6.519/6.519/6.519/0.000 ms
And opening tests in the browser works fine:
{
"status": "ok",
"protocol": "DOH",
"configuration": "xxx",
"client": "58.96.209.xxx",
"destIP": "103.62.48.147",
"server": "gsl-sin-1",
"clientName": "nextdns-cli",
"deviceName": "yeri-macbookpro1",
"deviceID": "xxx"
}
FWIW manually running the binaries in tmp works fine:
yeri-macbookpro1 /tmp $ sudo ./nextdns-diag-15816
Password:
Testing IPv6 connectivity
available: true
Fetching https://test.nextdns.io
status: ok
client: 58.96.209.xxx
protocol: DOH
dest IP: 103.62.48.147
server: gsl-sin-1
Traceroute for primary IPv4 (45.90.28.0)
1 10.60.111.1 11ms 1ms 4ms
2 183.90.53.1 7ms 4ms 4ms
3 183.90.44.149 8ms 5ms 5ms
[...]
And we've talked about this in the past through the chat (which is gone now?) but IPv6 and dns2 route are not great. Hope this get resolves as this has been going on for months.