starred/AdGuardHome

Fork 0

mirror of https://github.com/AdguardTeam/AdGuardHome.git synced 2026-03-04 00:01:12 -05:00

ERR_NAME_NOT_RESOLVED on my.tabnine.com in DNS over TLS on Android #3023

New issue

Open

opened 2026-03-04 02:51:20 -05:00 by deekerman · 6 comments

deekerman commented

2026-03-04 02:51:20 -05:00

Owner

Originally created by @LagSeeN on GitHub (Sep 7, 2021).

Prerequisites

I am running the latest version
I checked the documentation and found no answer
I checked to make sure that this issue has not already been filed

Issue Details

Version of AdGuard Home server:
- v0.106.3
How did you install AdGuard Home:
- GitHub
How did you setup DNS configuration:
- Router
CPU architecture:
- x86_64
Operating system and version:
- Ubuntu 20.04

Step

setting DNS over TLS on Android (important)
goto browser and go to https://my.tabnine.com/
you will see ERR_NAME_NOT_RESOLVED

I try to change DNS to google it can access this website (DNS over TLS)
I try to use DNS over HTTPS client on my android phone it can access this website
I try to use plaintext DNS on my android phone it can access this website
I try to use DNS over TLS on another android phone it can't access this website show ERR_NAME_NOT_RESOLVED

My Setting

Upstream DNS servers : https://dns.google/dns-query
Bootstrap DNS servers : 8.8.8.8 , 8.8.4.4

EDNS
DNSSEC

Screenshots

Screenshot:

Originally created by @LagSeeN on GitHub (Sep 7, 2021). ### Prerequisites - [x] I am running the latest version - [x] I checked the documentation and found no answer - [x] I checked to make sure that this issue has not already been filed ### Issue Details  * **Version of AdGuard Home server:** * v0.106.3 * **How did you install AdGuard Home:** * GitHub * **How did you setup DNS configuration:** * Router * **CPU architecture:** * x86_64 * **Operating system and version:** * Ubuntu 20.04 ### Step 1. setting DNS over TLS on Android (important) 2. goto browser and go to https://my.tabnine.com/ 3. you will see ERR_NAME_NOT_RESOLVED I try to change DNS to google it can access this website (DNS over TLS) I try to use DNS over HTTPS client on my android phone it can access this website I try to use plaintext DNS on my android phone it can access this website I try to use DNS over TLS on another android phone it can't access this website show ERR_NAME_NOT_RESOLVED ### My Setting Upstream DNS servers : https://dns.google/dns-query Bootstrap DNS servers : 8.8.8.8 , 8.8.4.4 - [x] EDNS - [x] DNSSEC ### Screenshots  <details><summary>Screenshot:</summary>  ![](https://i.imgur.com/xLh0iACl.jpg) </details>

deekerman added the

cannot reproduce

needs investigation

labels

2026-03-04 02:51:20 -05:00

deekerman commented

2026-03-04 02:51:32 -05:00

Author

Owner

@ainar-g commented on GitHub (Sep 8, 2021):

Hello and thank you for your report. We have a couple of questions:

Are you using ClientIDs in DoT? That is, do you set it to yourdomain.local or to client-123.yourdomain.local?
Same with DoH (which, as far as I could tell, still works?). Do you set the DNS address to https://yourdomain.local/dns-query or to https://yourdomain.local/dns-query/client-123?
Can you see the queries in the query log?
Are any other websites affected?

Thanks!

@ainar-g commented on GitHub (Sep 8, 2021): Hello and thank you for your report. We have a couple of questions: 1. Are you using ClientIDs in DoT? That is, do you set it to `yourdomain.local` or to `client-123.yourdomain.local`? 1. Same with DoH (which, as far as I could tell, still works?). Do you set the DNS address to `https://yourdomain.local/dns-query` or to `https://yourdomain.local/dns-query/client-123`? 1. Can you see the queries in the query log? 1. Are any other websites affected? Thanks!

deekerman commented

2026-03-04 02:51:33 -05:00

Author

Owner

@LagSeeN commented on GitHub (Sep 8, 2021):

client-123.yourdomain.local but I try yourdomain.local it same result
https://yourdomain.local/dns-query/client-123 it work can access this website
yes I see and record have A, CNAME
now I see the problem only my.tabnine.com

@LagSeeN commented on GitHub (Sep 8, 2021): 1. `client-123.yourdomain.local` but I try `yourdomain.local` it same result 2. `https://yourdomain.local/dns-query/client-123` it work can access this website 3. yes I see and record have A, CNAME 4. now I see the problem only my.tabnine.com

deekerman commented

2026-03-04 02:51:33 -05:00

Author

Owner

@ainar-g commented on GitHub (Sep 21, 2021):

Sorry for the long time between responses. Are you sure that there aren't any additional DNS filters on your Android phone that could interfere here?

If there aren't any, please configure your AdGuard Home to collect logs by setting verbose to true, reproduce the issue (that is, make a request to the website from your Android phone), and send the logs to us at devteam@adguard.com. Please add the words “AdGuard Home Issue 3562” to the subject line. Thanks!

@ainar-g commented on GitHub (Sep 21, 2021): Sorry for the long time between responses. Are you sure that there aren't any additional DNS filters on your Android phone that could interfere here? If there aren't any, please [configure] your AdGuard Home to collect logs by setting `verbose` to `true`, reproduce the issue (that is, make a request to the website from your Android phone), and send the logs to us at devteam@adguard.com. Please add the words “AdGuard Home Issue 3562” to the subject line. Thanks! [configure]: https://github.com/AdguardTeam/AdGuardHome/wiki/FAQ#verboselog

deekerman commented

2026-03-04 02:51:33 -05:00

Author

Owner

@LagSeeN commented on GitHub (Sep 21, 2021):

Sending logs has been completed.

I checked my phone and it's set to only use DNS over TLS, and there's no block in the query log in AdGuard Home.

@LagSeeN commented on GitHub (Sep 21, 2021): Sending logs has been completed. I checked my phone and it's set to only use DNS over TLS, and there's no block in the query log in AdGuard Home.

deekerman commented

2026-03-04 02:51:33 -05:00

Author

Owner

@ainar-g commented on GitHub (Sep 22, 2021):

Thanks! We have received the logs, but unfortunately we don't see anything wrong there. We will keep trying to reproduce it, but at this point I doubt that this is an AGH issue, to be honest.

@ainar-g commented on GitHub (Sep 22, 2021): Thanks! We have received the logs, but unfortunately we don't see anything wrong there. We will keep trying to reproduce it, but at this point I doubt that this is an AGH issue, to be honest.

deekerman commented

2026-03-04 02:51:33 -05:00

Author

Owner

@LagSeeN commented on GitHub (Sep 22, 2021):

Thanks I found one website that had a problem.
domain acs.cimbthai.com and I found that if I disable IPv6 address resolving, the site can still be accessed. However, my network supports IPv6, so this is not the best practice. Now I configured DNS rewrites IPv6 to ::1 to disable IPv6 answer for only the site that had a problem.

but my.tabnine.com and acs.cimbthai.com had only A record idk why my phone wait AAAA record but with dns.google no problem

@LagSeeN commented on GitHub (Sep 22, 2021): Thanks I found one website that had a problem. domain `acs.cimbthai.com` and I found that if I disable IPv6 address resolving, the site can still be accessed. However, my network supports IPv6, so this is not the best practice. Now I configured DNS rewrites IPv6 to ::1 to disable IPv6 answer for only the site that had a problem. but my.tabnine.com and acs.cimbthai.com had only A record idk why my phone wait AAAA record but with dns.google no problem

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/AdGuardHome#3023

No description provided.

Rows
Columns