- This topic has 20 replies, 3 voices, and was last updated 1 month, 2 weeks ago by
.
-
Posts
-
Hello, I have an issue with DNS using the latest version of WireSock (1.2.37.1):
DNS requests are incredibly slow, and nslookup fails.
Without VPN:
PS C:\Users\Alex> nslookup google.com Server: fritz.box Address: fd00::### Non-authoritative answer: Name: google.com Addresses: 2a00:1450:4002:403::200e 142.250.180.174
With WireGuard official client:
PS C:\Users\Alex> nslookup google.com Server: dns9.quad9.net Address: 9.9.9.9 Non-authoritative answer: Name: google.com Addresses: 2a00:1450:4002:416::200e 142.251.209.46
With WireSock:
PS C:\Users\Alex> nslookup google.com DNS request timed out. timeout was 2 seconds. Server: UnKnown Address: fd00::#### DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. *** Request to UnKnown timed-out
Configuration:
[Interface] PrivateKey = ### Address = 10.128.0.7/32 DNS = 9.9.9.9, 1.1.1.1, 1.0.0.1 [Peer] PublicKey = ### Endpoint = 1xx.xxx.xxx.xxx:443 PersistentKeepalive = 15 AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/0 DisallowedApps = C:\Program Files\Google\Chrome\Application\chrome.exe
Hope you can help with this issue, thanks!
Log level: all
Cannot submit because of CleanTalk anti-spam. Link: https://pastebin.com/QcXg2jsw
In your nslookup output, you have an IPv6 address for the DNS server. In transparent mode, WireSock translates addresses in DNS requests, but it can only replace IPv6 with IPv6 and IPv4 with IPv4. Since your configuration lacks an IPv6 DNS server, nslookup requests to fd00::#### fail. Please consider using WireSock in virtual adapter mode. In this mode, WireSock adds DNS addresses to the virtual network adapter, similar to the standard WireGuard for Windows.
In the log DNS queries from Chrome do not seem to have any problems:
2024-05-15 15:56:48 [FILTER]: C:\Program Files\Google\Chrome\Application\chrome.exe : DNS : 10.0.8.71:61254 -> 9.9.9.9[10.0.0.1]:53 2024-05-15 15:56:48 [TUN]: DNS request to 10.0.0.1 forwarded to 1.0.0.1 2024-05-15 15:56:48 [TUN]: DNS response from 1.0.0.1 translated as from 10.0.0.1 2024-05-15 15:56:48 [TUN]: DNS response from 1.0.0.1 translated as from 10.0.0.1 2024-05-15 15:56:48 [TUN]: DNS response from 1.0.0.1 translated as from 10.0.0.1P.S. There is a non-public update you might consider trying:
https://www.wiresock.net/downloads/wiresock-vpn-client-x64-1.2.41.1.msi
https://www.wiresock.net/downloads/wiresock-vpn-client-ARM64-1.2.41.1.msi
https://www.wiresock.net/downloads/wiresock-vpn-client-x86-1.2.41.1.msi
Thanks for your answer. What’s new/different on the version you’ve linked? I tried it without changing anything and the issue persists. I will try the adapter mode later
Please disregard the “DisallowedApps […] chrome.exe” because the config used for the logs did not include that line.
Configuring a virtual network interface requires elevated privileges; therefore, the answer is no. Transparent mode can be used without these privileges, but as you’ve observed, it may cause some issues. If you can replicate the problem and capture the traffic (log and pcap files) using the “log-level all” option, I can try to diagnose and fix the issue.
These are the pcap and other files linked with the log posted in this thread: https://drive.google.com/drive/folders/1JIGSdrMuNDUMadzJEA9gyKxo21iAUIcx?usp=sharing Thank you
Thank you for sharing the logs. While I don’t see any obvious problems in the DNS traffic, could you please remove the alternative DNS servers from the configuration, leaving only a single one, such as DNS = 1.1.1.1, and check if the problem persists? The issue might be that DNS queries are being redirected to alternative DNS servers using a round-robin algorithm. For example, three DNS queries originally destined for 10.0.0.1 are redirected as follows:
10.128.0.7 9.9.9.9 DNS 78 Standard query 0x1cc5 AAAA gateway.discord.gg 10.128.0.7 1.1.1.1 DNS 78 Standard query 0x94d7 A gateway.discord.gg 10.128.0.7 1.0.0.1 DNS 78 Standard query 0x5ceb HTTPS gateway.discord.ggWhile all requests are properly responded to by the requested DNS servers, I suspect there might be some sort of collision with CDN-based services.
Hello Alex,
I have added an exception to CleanTalk anti-spam, hopefully you won’t run into this again.
Thank you, unfortunately, if I post my messages are still hidden. Use the previous google drive link to find the new logs and related files. Apparently, I cannot link anything else or it gets deleted/hidden.
I apologize for the delay; I’ve been quite overloaded these past few weeks. Could you please provide a detailed description of the issue? In the logs I previously reviewed, I did not notice any problems. However, I suspect that sending DNS queries to different DNS servers could cause issues with CDN-based services. I need a detailed description, preferably with screenshots or a video recording of the problem, as well as the WireSock textual log and PCAP files. This will allow me to conduct a thorough analysis.
- You must be logged in to reply to this topic.