DNS doesn't work on a few devices

[tseglevskiy]

I have problem with one device (from about 80).

Apk installed, relay on host started, connection by 'reverse' setted, broadcast for activation sent, VPN started. As result Gnirehtet's VPN works: I can open some IP-based web page by IP (I mean http://10.10.10.10 url).

But it doesn't resolve any hostname. I see requests in gnirehtet's log, I see answers by tcpdump. I can reproduce it with last Java version and previous Rust. Device is clean (I did factory reset just before experiment, wasn't connected to WiFi, no one additional app). The same host/wire/adb/gnirehtet works fine with different device.

It there any ideas what's wrong? What logs can help to investigate?

So, versions:

• gnirehtet-java-v2.3.zip or gnirehtet-rust-macos64-v2.2.1.zip
• MacOS 10.12.6
• SM-T815Y (Galaxy Tab S2), Android 7.0, Security patch January 1, 2018

2018-11-09 18:09:40.493 INFO Main: Starting relay server...
2018-11-09 18:09:40.493 INFO Relay: Relay server started
2018-11-09 18:09:54.983 INFO TunnelServer: Client #0 connected
2018-11-09 18:10:06.413 INFO TcpConnection: 10.0.0.2:49299 -> 10.118.203.233:80 Open
2018-11-09 18:10:06.414 INFO TcpConnection: 10.0.0.2:49300 -> 10.118.203.233:80 Open
2018-11-09 18:10:06.769 INFO TcpConnection: 10.0.0.2:49301 -> 10.118.203.233:80 Open
2018-11-09 18:10:06.773 INFO TcpConnection: 10.0.0.2:49302 -> 10.118.203.233:80 Open
2018-11-09 18:10:12.052 INFO TcpConnection: 10.0.0.2:49303 -> 10.118.203.233:80 Open
2018-11-09 18:10:15.862 INFO UdpConnection: 10.0.0.2:39428 -> 8.8.8.8:53 Open
2018-11-09 18:10:23.051 INFO TcpConnection: 10.0.0.2:49300 -> 10.118.203.233:80 Close
2018-11-09 18:10:23.051 INFO TcpConnection: 10.0.0.2:49299 -> 10.118.203.233:80 Close
2018-11-09 18:10:23.052 INFO TcpConnection: 10.0.0.2:49302 -> 10.118.203.233:80 Close
2018-11-09 18:10:23.052 INFO TcpConnection: 10.0.0.2:49301 -> 10.118.203.233:80 Close
2018-11-09 18:10:23.055 INFO TcpConnection: 10.0.0.2:49303 -> 10.118.203.233:80 Close
2018-11-09 18:10:23.079 INFO UdpConnection: 10.0.0.2:6521 -> 8.8.8.8:53 Open
2018-11-09 18:10:33.362 INFO UdpConnection: 10.0.0.2:19474 -> 8.8.8.8:53 Open

[rom1v]

Is 8.8.8.8 reachable from your computer:

dig @8.8.8.8 github.com

?

You can use a custom DNS with:

gnirehtet start -d xx.xx.xx.xx

[tseglevskiy]

And the same problem with SM-N920C (Samsung Galaxy Note 5), Android 7.0, Security patch December 1, 2017.

[tseglevskiy]

Yes, 8.8.8.8 reachable, see dig below. Also I checked answers by tcpdump, they correct and make sense.

Other devices work fine.

Custom DNS doesn't work also.

Relay is alive (I can connect another device, and it will work)

; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 github.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50219
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;github.com.			IN	A

;; ANSWER SECTION:
github.com.		59	IN	A	52.74.223.119
github.com.		59	IN	A	13.229.188.59
github.com.		59	IN	A	13.250.177.223

;; Query time: 43 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Nov  9 18:28:59 2018
;; MSG SIZE  rcvd: 76

➜  gnirehtet-rust-macos64 

[rom1v]

Are there any relevant logs in the output of adb logcat?

[rom1v]

Custom DNS doesn't work also.

You need to gnirehtet stop before a new gnirehtet start -d xx.xx.xx.xx.

When you say it does not work, does it still attempt to connect to 8.8.8.8?

[rom1v]

But it doesn't resolve any hostname.

From what client? (web browser?)

[tseglevskiy]

Nope, I still see requests to 8.8.8.8:

➜  gnirehtet-java ./gnirehtet start -d 10.120.1.15
2018-11-09 18:38:16.915 I Gnirehtet: Checking gnirehtet client...
2018-11-09 18:38:17.105 I Gnirehtet: Starting client...
Broadcasting: Intent { act=com.genymobile.gnirehtet.START cmp=com.genymobile.gnirehtet/.GnirehtetControlReceiver launchParam=MultiScreenLaunchParams { mDisplayId=0 mFlags=0 } (has extras) }
Broadcast completed: result=0
➜  gnirehtet-java 

➜  gnirehtet-java ./gnirehtet relay
2018-11-09 18:37:59.115 I Gnirehtet: Starting relay server...
2018-11-09 18:37:59.189 I Relay: Relay server started
2018-11-09 18:38:22.014 I TunnelServer: Client #0 connected
2018-11-09 18:38:22.179 I UDPConnection: UDP 10.0.0.2:36699 -> 8.8.8.8:53 Open
2018-11-09 18:38:29.592 I UDPConnection: UDP 10.0.0.2:35165 -> 8.8.8.8:53 Open

[rom1v]

I still see requests to 8.8.8.8

It should only happen if you didn't stop before starting. I cannot reproduce otherwise.

What about:

./gnirehtet restart -d 4.4.4.4

(which stops then starts)?

[tseglevskiy]

About browser was good question. The Internet (Samsung's browser) doesn't work, Crome does.

Does It mean that problem with browser, not with VPN/gnirehtet?

[rom1v]

About browser was good question. The Internet (Samsung's browser) doesn't work, Crome does.

So I guess the browser uses its own DNS, which is not reachable from your computer.

[tseglevskiy]

Yes, 'restart' works, it starts to go to 4.4.4.4. Chrome still works, Internet still doesn't.

2018-11-09 18:44:09.175 I TunnelServer: Client #0 disconnected
2018-11-09 18:44:10.375 I TunnelServer: Client #1 connected
2018-11-09 18:44:10.618 I TCPConnection: TCP 10.0.0.2:53059 -> 23.10.169.144:443 Open
2018-11-09 18:44:10.619 W TCPConnection: TCP 10.0.0.2:53059 -> 23.10.169.144:443 Unexpected first packet 1711903326; acking 908520690; flags=25
2018-11-09 18:44:10.619 I TCPConnection: TCP 10.0.0.2:53059 -> 23.10.169.144:443 Close
2018-11-09 18:44:11.375 I UDPConnection: UDP 10.0.0.2:17738 -> 4.4.4.4:53 Open
2018-11-09 18:44:11.377 I UDPConnection: UDP 10.0.0.2:15243 -> 4.4.4.4:53 Open
2018-11-09 18:44:11.379 I UDPConnection: UDP 10.0.0.2:8622 -> 4.4.4.4:53 Open

[tseglevskiy]

I didn't understand about unreachable DNS. I don't see other DNS connections in relay's output. How the browser can try to access to some DNS skip VPN/gnirehtet?

[rom1v]

I didn't understand about unreachable DNS. I don't see other DNS connections in relay's output. How the browser can try to access to some DNS skip VPN/gnirehtet?

Another possibility is that the browser app does not check for connectivity, but only for 3G and wifi, and do not send DNS requests when it thinks there is no connection (see #37).

You can confirm this by enabling (and connecting) to a wifi network while gnirehtet is active. If it works, then this is the cause.

[tseglevskiy]

Looks like problem with browser. I'll change default browser, hope it'll help.

Thank you very much.

[tseglevskiy]

Yes, on this device Google Play app also has problem with access to server.

[rom1v]

Yes, on this device Google Play app also has problem with access to server.

OK (but this does not prove that the Samsung browser has the same issue).

Looks like problem with browser.

Yes, anyway 😉

[tseglevskiy]

I connected device to WiFi and updated all apps from Google Play (including some libraries, Google Play app itself and Samsung's the Internet browser). New set works through gnirehtet fine.

If I do factory reset, I reproduce the problem back.

[caburet]

Same problem. I try 4 DNS (2 google and 2 from my local ISP) and keep happend. I have similar problem in /issues/153 for more detail. Keep asking for DNS. I restart the device and genymobile, deny access to storage and change default DNS with the local one and now its working again.