Your IP:

Our Forums Have Moved!

Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
    • CommentAuthormrbrunes
    • CommentTimeAug 18th 2012
     permalink
    Hi

    I just installed the OpenDNS updater on Win7 (I had been running DNSCrypt successfully for a while). However the Updater window kept reporting "Looks like there's no Internet Connectivity". (This may have happened after I updated DNSCrypt to 0.0.6 but am not sure).

    So after some searching I tried nslookup myip.opendns.com :

    DNS request timed out.
    timeout was 2 seconds.
    Server: UnKnown
    Address: fec0:0:0:ffff::1

    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    *** Request to UnKnown timed-out

    Then ipconfig /all showed odd entries for DNS servers:

    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1

    I checked my config and my DNS server address were blank! I'm using a static ip and I'm sure that there used to be the OpenDNS servers manually configured there.

    I checked my other PC which runs DNSCrypt (it uses DHCP) and it had 127.0.0.1 configured as the DNS server, so I tried that setting on my static ip PC and the Updater client now works! The strange thing is that ip connectivity (other than the Updater) seemed to be working fine before.

    So what should the DNS config be with DNSCrypt and OPenDNS Updater?
    • CommentAuthormrbrunes
    • CommentTimeAug 18th 2012
     permalink
    Update: without doing anything, the Updater has apparently lost internet connectivity again. I checked my DNS entries and they have been wiped out again. :-(
    • CommentAuthorrotblitz
    • CommentTimeAug 18th 2012 edited
     permalink
    If you end the DNSCrypt GUI, it may leave the DNS entries blank. I have observed this too. However, if you start DNSCrypt again, it should set DNS to 127.0.0.1.

    And yes, 127.0.0.1 would be the right DNS entry with DNSCrypt enabled. Without DNSCrypt DNS most likely would point to the router's IP address.

    Having no DNS looks like no internet connection, but it's just no DNS.

    To prevent from happening this, I would suggest to run dnscrypt-proxy.exe alone as service, not with the Windows GUI stuff.
    https://github.com/opendns/dnscrypt-proxy/blob/master/README-WINDOWS.markdown

    The OpenDNS Updater is unrelated to this. If there is no DNS, it raises an error message. That's normal.
    Thankful People: zelus
  1.  permalink
    And your odd DNS numbers are local IPv6 addresses.
    • CommentAuthormrbrunes
    • CommentTimeAug 20th 2012
     permalink
    Tx for the info. It's all very odd since my other PC with DNSCrypt on maintains internet connectivity just fine.
    My static address PC though keeps losing the DNS server address even without exiting the DNSCrypt GUI. It works for a while after I add it back, but some time later something zaps the config and it's gone.

    Will give the proxy a go.
    • CommentAuthorrotblitz
    • CommentTimeAug 20th 2012
     permalink
    Well, pure Windows itself would never change TCP/IPv4 settings. If these settings change, then this is usually some 3rd party "connection assistent" software or the likes...
    • CommentAuthordas.nauip
    • CommentTimeSep 11th 2012
     permalink
    I am also having this issue. I have confirmed it is OpenDNSCrypt doing it. I booted up after taking the DnsCrypt out of startup.
    Then checked my DNS settings - still set @ 127.0.0.1
    Started DNSCrypt manually.
    re-checked my IPv4 settings and DNS is wiped out.
    replaced the DNS server with 127.0.0.1 and killed & relaunched DNS crypt - poof.

    I will be opening a ticket for this. I just wanted to search here and make sure I'm not crazy. Also I'm confirming to MrBrunes that someone else is seeing this behavior.
    • CommentAuthorrotblitz
    • CommentTimeSep 11th 2012 edited
     permalink
    It sounds you didn't read my answer above.

    Therefore in other words again:
    If you run the GUI, then this can happen. Only the GUI makes changes to your DNS settings. If you run the pure DNSCrypt Proxy, then nothing of this kind happens. You have to maintain your DNS settings yourself then.
    •  
      CommentAuthorjedisct1
    • CommentTimeSep 11th 2012 edited
     permalink
    Administrator
    The OpenDNS GUI for Windows tries to cope with captive portals and firewalls, and while it works most of the time, it's not bullet-proof. The OSX GUI isn't any better in this respect. Both are still in beta.

    Of course, that won't happen if you directly the proxy as a service. But you may find that a bit geeky.

    You can also try the DNSCrypt-WinClient GUI for Windows: https://github.com/Noxwizard/dnscrypt-winclient
    And that one is now compatible with dnscrypt 1.1.0.

    It's pretty dumb compared to the OpenDNS GUI, it will never change your settings unlike asked to.
    So you will have to manually disable dnscrypt if, for some reason (like a captive portal), packets are blocked. But from a security and stability perspective, it's not a bad tradeoff.

    That said, feel free to file a bug for the OpenDNS GUI on Github ( https://github.com/opendns/dnscrypt-win-client/issues ), and describe exactly what your setup is. If your computer is using DHCP, if you are running an antivirus and a firewall, if your router also happens to firewall things, etc. That can really help its developers. The more details you provide, the more likely it is that a future version will solve your issues.
    Thankful People: maintenance
    • CommentAuthorpnutts
    • CommentTimeSep 12th 2012
     permalink
    I have the same issues with peek-a-boo DNS ip address entries. I gave up on version 0.0.5 and 0.0.6 has the same issues. I don't have confidence in the committment to this product. If the large issues like this aren't going to be resolved in updates then I consider it an Alpha, not a Beta. But the good news is there's no attack surface if you can't resolve a DNS server! ;)
    • CommentAuthorrotblitz
    • CommentTimeSep 12th 2012
     permalink
    @pnutts
    It sounds you did something incredibly wrong. What are your issues?
  2.  permalink
    Further, the proxy is the only important part. Ditch the GUI if you have issues with it. Simple. Plus, no one is ever going to fully automate anything that can account for every ridiculous network configuration and software in use. Impossible.
    • CommentAuthorpnutts
    • CommentTimeSep 13th 2012
     permalink
    @rotblitz
    Nothing spectacular, just the same issues as the others. The ver. 0.0.6 GUI (download link on OpenDNS's site) removes the IP address from the IPv4 Preferred DNS server IP address. When the IP address is there the proxy itself appears to work OK. Following your advice I've installed (only) the proxy and skipped the GUI. I've just installed it and will kick the tires.

This discussion has been inactive for longer than 30 days, and is thus closed.