v0.7.55 DNS resolution fails #1794
Comments
|
Please include the full log of the current version. Note that the 0.7.55 version is currently a beta version. |
|
v0.7.55 was offered as regular update through f-droid repo (using droid-ify), no indication as pre-release fails on the servers in the list with domain name |
caribou-snake
changed the title
Yeah, F-droid has no beta version the last time this issue was raised and left it to them what I should do. I had special production tags in the past but fdroid ignored those and rather picks up all releases. This behaviour is not in an area that was changed between 0.7.54 and 0.7.55. I am not sure what is triggering it. In my own tests with Android 15, resolving works just fine. It might have to do something with your dns hosntmae or your config but I fail to reproduce it here. |
|
The log is not really that much helpful as all the information that might help to try to reprodoce the issue is redacted. |
|
We really need to see the config - this looks like an unexpected interaction between Please remove all key material, of course, and replace the hostnames with "my.host.name" and IP address with "1.2.3.4", but please do not remove / reorder the lines in the config. |
|
Actually it would be good to have the hostname in there, to see if it's v4-only, v6-only or dual-stacked (and if there is something interesting with the host DNS). |
|
Hello, thank you very much for your effort! profile was exported from an OPNsense - OpenVPN v2.6.13 I repeated the whole..
here the log, this time on mobile network and the "generated config": |
|
Thanks, I can reproduce it with a minimal config. This works (sort of, there is nothing on 1194): enabling the so something in the local bind is messing up resolver state. |
|
Fails for me on Linux, does not fail on FreeBSD (both "git master") |
|
So I can see why my config fails on linux
arguably there is not so much we can do in this case, except "never bind on the client" (which already is the default) or force Linux to always do AF_INET6 for local bind (unless forced with I'm not sure this is what is breaking @schwabe 's case, as that one does not break for me. |
|
I can confirm my mother has the same issue on the latest version on Android TV. |
|
@rodakswe do you have a possiblity to share a config with private information removed? We are still struggling to find a way to reproduce the issue. |
|
@schwabe sure, do you need the server config as well or just the client? Edit: Just a small addition, the mooo.com domain is provided by afraid.org and my server is IPV4 only. The error on the client is (AI extracted from picture): The client config is here: |
|
I am experiencing the same issue in OpenVPN for Android 0.7.55 which I have installed from the Google Play Store. I attached my config & logs here: https://gist.github.com/Ricket/69e20224dba8a42519899387a51f37cf |
|
I also have this issue with the same error in the logs. Changing to OpenVPN 3 Core in the settings fixed it for me. Changing back to OpenVPN 2 brings the error back if that's helpful. |
|
Same issue for me. Was working on older versions. Config generated by OPNsense 25.1.2. Switching to OpenVPN 3 Core doesn't help. |
|
@calvinbui you are running into the @Ricket your configuration file also has |
|
@jimmycav can you share the configuration file to see if you have the same issue and have lport 0 in your config as well or if it is a different issue? |
|
Hi, yes I have lport 0 in my config. |
|
I was looking through the UI for which setting is the I might have added these settings to the ovpn file, or they came for free with the export in my openvpn server panel, but I haven't changed anything to break this BTW. I just use the android quick toggle to turn on my VPN, and it was working a while ago, and then it stopped working and I came here. So something changed that broke this, and could be fixed, right? In any case, I can confirm that removing |
|
I also had this problem (v 0.7.55 via Google Play), immediately after the last update from Samsung (Galaxy S24, build from 3 Feb 2025). I did the update when I was not near my Open VPN server and suspected a software or hardware problem with the server. I just removed lport 0 from my custom config (I didn't even know I had set it to that value) - it works again right away. So I would rather suspect a changed behaviour of Android here, but an update of this (excellent!) app might still help. |
|
I also had this problem. |
|
I also experienced this problem after update of no longer resolving FDQN with lport 0 in config. I was able to connect with existing profile using direct IP address instead of FDQN (which required resolving) while the lport 0 was in config. Commented lport 0 out on client in existing profile and it resumed resolving the FDQN and functions as before the update and as expected. |
|
This should be fixed with v0.7.56 (commit 9007b57) |
cron2
added a commit
to OpenVPN/openvpn
that referenced
this issue
Mar 24, 2025
'lport <anything>' used to trigger 'do socket bind', which is not
useful in itself for the 'lport 0' case (port 0 -> OS assigns a
random port, as it is done for unbound sockets) unless also binding
to a particular local IP address ('--local 192.0.2.1').
The trigger for 'lport has been used, do socket bind' is
ce.local_port_defined -> change the code to test for "0", and
only set this for non-0 ports (NOTE: this is a string match,
so if you really really want the old "lport 0" behaviour, using
"lport 00" still does that...).
The ce.local_port value is still set, so '--lport 0' together
with '--local 192.0.2.1' will give you a random port number
bound to that IP address - without 'lport 0' it would default
to 1194 or the value of '--port' (if not using '--rport').
Summary: socket bind is now only done if one of these is set
- --lport <port> with <port> not "0"
- --bind (default on the client is "--nobind")
- --local <address>
Github: schwabe/ics-openvpn#1794
Change-Id: I1976307a7643c82f31d55ca32c79cbe64b6fffc6
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Message-Id: <20250324182735.12657-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31222.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
after update to v7.5.5 address resolution fails:
downgrade back to v7.5.4 - all working
same VPN profile, same network
DNS requests are sent , successfully resolved, can see them in my pihole, goes for both versions just the same
this is Android 15, GrapheneOS current build: 2025021100
The text was updated successfully, but these errors were encountered: