0

yet another This device is not using NextDNS.

quick sitrep:

three systems, all running Kubuntu 2204 and NextDNS 1.42

All OS are up to date.

browsers WaterFox, FireFox, LibreFox report working NextDNS on two systems.

yet, on one system, FireFox, WaterFox, LibreFox complain of the above "not using" when on nextdns.io, which identifies "This device is currently using 'TerraTransit AG' as DNS resolver." (all browsers installed using either FlatPak or SNAP so ARE isolated from each other.)

 

(also, if i understood what i was doing on the ADMINACCOUNT, System Settings/Network, i MANUALLY set the DNS to 45.90.28.241 and 45.90.30.241; but i am uncertain as to how to get the OS to display if it is actually using these, or, which DNS settings as one could in Windows using the CLI command: ipconfig /all which would detail the OS' configured DNS)

 

here are CLI details of NextDNS:

=========================================

ADMINACCOUNT@5479:~$ sh -c "$(curl -sL https://nextdns.io/install)"
INFO: OS: ubuntu
INFO: GOARCH: amd64
INFO: GOOS: linux
INFO: NEXTDNS_BIN: /usr/bin/nextdns
INFO: INSTALL_RELEASE: 1.42.0
c) Configure NextDNS
r) Remove NextDNS
e) Exit
Choice (default=c): c
NextDNS Profile ID (default=#################):
Sending your devices name lets you filter analytics and logs by device.
Report device name? [Y|n]: y
Accept DNS request from other network hosts.
Setup as a router? (y/n): n
Make NextDNS CLI cache responses. This improves latency and reduces the amount
of queries sent to NextDNS.
Enable caching? [Y|n]: y
Instant refresh will force low TTL on responses sent to clients so they rely
on CLI DNS cache. This will allow changes on your NextDNS config to be applied
on your LAN hosts without having to wait for their cache to expire.
Enable instant refresh? [Y|n]: y
Changes DNS settings of the host automatically when NextDNS is started.
If you say no here, you will have to manually configure DNS to 127.0.0.1.
Automatically setup local host DNS? [Y|n]: y
NextDNS installed and started using systemd init
c) Configure NextDNS
r) Remove NextDNS
e) Exit
Choice (default=c): e

=========================================

Usage: nextdns <command> [arguments]

The commands are:

install         install service init on the system
   uninstall       uninstall service init from the system
   start           start installed service
   stop            stop installed service
   restart         restart installed service
   status          return service status
   log             show service logs
   upgrade         upgrade the cli to the latest version
   run             run the daemon
   config          manage configuration
   activate        setup the system to use NextDNS as a resolver
   deactivate      restore the resolver configuration
   discovered      display discovered clients
   cache-stats     display cache statistics
   cache-keys      dump the list of cached entries
   trace           display a stack trace dump
   version         show current version

USERACCOUNT@5479:~$ nextdns version
nextdns version 1.42.0

USERACCOUNT@5479:~$ nextdns status
running

USERACCOUNT@5479:~$ nextdns log
Error: not supported

=========================================

(not supported?)

So.

I can not provide "log" information, for, some, reason.

Also, as two of the systems are IDENTICAL OS & Hardware,

this suggests there is a specific configuration issue on the one.

I would appreciate suggestions on additional tests i can run to track-down what is amiss on the one problem system.

28 replies

null
    • Christopher_H
    • 8 mths ago
    • Reported - view

    found it: "dig"

     

    which displays:

    USERACCOUNT@5479:~$ dig

    ; <<>> DiG 9.18.18-0ubuntu0.22.04.2-Ubuntu <<>>
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34178
    ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1232
    ;; QUESTION SECTION:
    ;.                              IN      NS

    ;; ANSWER SECTION:
    . 1800 IN NS g.root-servers.net.
    . 1800 IN NS l.root-servers.net.
    . 1800 IN NS f.root-servers.net.
    . 1800 IN NS c.root-servers.net.
    . 1800 IN NS m.root-servers.net.
    . 1800 IN NS e.root-servers.net.
    . 1800 IN NS i.root-servers.net.
    . 1800 IN NS b.root-servers.net.
    . 1800 IN NS a.root-servers.net.
    . 1800 IN NS k.root-servers.net.
    . 1800 IN NS d.root-servers.net.
    . 1800 IN NS j.root-servers.net.
    . 1800 IN NS h.root-servers.net.

    ;; Query time: 72 msec
    ;; SERVER: 45.90.30.241#53(45.90.30.241) (UDP)
    ;; WHEN: Wed Mar 06 15:35:28 EST 2024
    ;; MSG SIZE  rcvd: 239

    • Christopher_H
    • 8 mths ago
    • Reported - view

    sooo,... no guidance from the gurus on additional tests i can perform to determine the source of the above DNS use confusion?

      • R_P_M
      • 8 mths ago
      • Reported - view

       Sorry a bit late to this, only just read your thread.

      When using the CLI your OS should be pointed to 127.0.0.1 for DNS lookups (as that is where the CLI is listening). By setting up 45.90.28.* & 45.90.30.* manually you’re actually bypassing the NextDNS CLI. 

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      Thank you for the input.

      I did remove all Network Connections settings, placing back to 'Automatic,' rebooted PC, and here are my abysmal results:

      ==========================

      ADMINACCT@5479:~$ nextdns activate
      Error: setup resolv.conf: write /etc/resolv.conf.nextdns-tmp: open /etc/resolv.conf.nextdns-tmp: permission denied😲
      ADMINACCT@5479:~$ sudo nextdns
      [sudo] password for ADMINACCT:
      Usage: nextdns <command> [arguments]

      The commands are:

          install         install service init on the system
          uninstall       uninstall service init from the system
          start           start installed service
          stop            stop installed service
          restart         restart installed service
          status          return service status
          log             show service logs
          upgrade         upgrade the cli to the latest version
          run             run the daemon
          config          manage configuration
          activate        setup the system to use NextDNS as a resolver
          deactivate      restore the resolver configuration
          discovered      display discovered clients
          cache-stats     display cache statistics
          cache-keys      dump the list of cached entries
          trace           display a stack trace dump
          version         show current version

      ADMINACCT@5479:~$ sudo nextdns activate
      Error: setup resolv.conf: rename /etc/resolv.conf.nextdns-tmp /etc/resolv.conf: operation not permitted😠
      ADMINACCT@5479:~$ nextdns status
      running
      ADMINACCT@5479:~$ nextdns version
      nextdns version 1.42.0
      ADMINACCT@5479:~$ nextdns config
      profile ######
      log-queries false
      mdns all
      bogus-priv true
      use-hosts true
      max-inflight-requests 256
      hardened-privacy false
      timeout 5s
      debug false
      listen localhost:53
      cache-size 10MB
      cache-max-age 0s
      discovery-dns
      control /var/run/nextdns.sock
      auto-activate true
      max-ttl 5s
      report-client-info true
      detect-captive-portals false
      setup-router false
      ADMINACCT@5479:~$

      ==========================

      USERACCT@5479:~$ dig

      ; <<>> DiG 9.18.18-0ubuntu0.22.04.2-Ubuntu <<>>
      ;; global options: +cmd
      ;; Got answer:
      ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15754
      ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

      ;; OPT PSEUDOSECTION:
      ; EDNS: version: 0, flags:; udp: 1232
      ;; QUESTION SECTION:
      ;.                              IN      NS

      ;; ANSWER SECTION:
      . 1800 IN NS b.root-servers.net.
      . 1800 IN NS c.root-servers.net.
      . 1800 IN NS d.root-servers.net.
      . 1800 IN NS e.root-servers.net.
      . 1800 IN NS f.root-servers.net.
      . 1800 IN NS g.root-servers.net.
      . 1800 IN NS h.root-servers.net.
      . 1800 IN NS i.root-servers.net.
      . 1800 IN NS j.root-servers.net.
      . 1800 IN NS k.root-servers.net.
      . 1800 IN NS l.root-servers.net.
      . 1800 IN NS m.root-servers.net.
      . 1800 IN NS a.root-servers.net.

      ;; Query time: 87 msec
      ;; SERVER: 45.90.30.241#53(45.90.30.241) (UDP)
      ;; WHEN: Sat Mar 09 13:45:13 EST 2024
      ;; MSG SIZE  rcvd: 239

      USERACCT@5479:~$ nextdns status
      running
      ==========================

      kinda feels like i am slipping further down the Rabbit's Hole

      Is there anything else i may attempt to determine 1. Why this OS has recently chosen to use different DNS, and what other CLI tests i can implement?

      {i do not think anything has changed OS-wise}

      Do please keep in mind, that while i am using Kubuntu,

      i am by NO means an All Knowing Linux Elite Who Knows & Can Instantly-recall ALL the MAN Pages!!

      So a simplified answer would be greatly appreciated 🥺

      • R_P_M
      • 8 mths ago
      • Reported - view

       Hmm… very odd that sudo nextdns activate returns that error with permission denied.

      Anyway, let’s see the output for 

      systemctl status nextdns -o cat

      (you may need to scroll the output with the arrow keys to get to the end, then press “q”)

      Also same command after “sudo nextdns restart”, thanks. (some entries might not show up as log may not go back that far first time)

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      Thank you RPM for this assistance :)
      here are the results:

      ADMINACCT@5479:~$ systemctl status nextdns -o cat
      ● nextdns.service - NextDNS DNS53 to DoH proxy.
           Loaded: loaded (/etc/systemd/system/nextdns.service; enabled; vendor preset: enabled)
           Active: active (running) since Tue 2024-03-12 10:08:01 EDT; 27min ago
         Main PID: 1043 (nextdns)
            Tasks: 11 (limit: 18996)
           Memory: 12.1M
              CPU: 111ms
           CGroup: /system.slice/nextdns.service
                   └─1043 /usr/bin/nextdns run

      Starting NextDNS 1.42.0/linux on localhost:53
      Listening on TCP/127.0.0.1:53
      Listening on UDP/127.0.0.1:53
      Activating
      Activate: setup resolv.conf: rename /etc/resolv.conf.nextdns-tmp /etc/resolv.conf: operation not permitted
      Network change detected: enp5s0 flag up|broadcast|multicast -> up|broadcast|multicast|running
      Endpoint provider failed: SourceHTTPSSVCProvider(dns.nextdns.io, https://dns.nextdns.io#45.90.28.0,2a07:a8c0::,45.90.30.0,2a07:a8c1::): exchange: rou>
      Endpoint failed: https://dns1.nextdns.io#45.90.28.0,2a07:a8c0::: roundtrip: dial tcp 45.90.28.0:443: connect: network is unreachable
      Endpoint failed: https://dns2.nextdns.io#45.90.30.0,2a07:a8c1::: roundtrip: dial tcp 45.90.30.0:443: connect: network is unreachable
      Switching endpoint: 127.0.0.1:53

      ADMINACCT@5479:~$ sudo nextdns restart
      [sudo] password for ADMINACCT:
      ADMINACCT@5479:~$ sudo nextdns restart
      ADMINACCT@5479:~$ systemctl status nextdns -o cat
      ● nextdns.service - NextDNS DNS53 to DoH proxy.
           Loaded: loaded (/etc/systemd/system/nextdns.service; enabled; vendor preset: enabled)
           Active: active (running) since Tue 2024-03-12 10:36:59 EDT; 15s ago
         Main PID: 7300 (nextdns)
            Tasks: 9 (limit: 18996)
           Memory: 1.4M
              CPU: 5ms
           CGroup: /system.slice/nextdns.service
                   └─7300 /usr/bin/nextdns run

      Started NextDNS DNS53 to DoH proxy..
      Starting NextDNS 1.42.0/linux on localhost:53
      Listening on TCP/127.0.0.1:53
      Listening on UDP/127.0.0.1:53
      Activating
      Activate: setup resolv.conf: rename /etc/resolv.conf.nextdns-tmp /etc/resolv.conf: operation not permitted

      ADMINACCT@5479:~$

      • R_P_M
      • 8 mths ago
      • Reported - view

       Looks like it’s still not accessing /etc/resolv.conf 

      Probably need to check the file out.

      ls -lhA /etc | grep -i resolv

      In the meantime just set the network DNS to 127.0.0.1 and see if it’s using the CLI. 
      curl -L https://test.nextdns.io

      (no need to post here the results of above curl, should be obvious if working correctly)

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      Thank you again! :D

      i will need to log out/in to the ADMIN acct to manually set the NIC to 127, but for now:

      =======

      USERACCT@5479:~$ ls -lhA /etc | grep -i resolv
      -rw-r--r--  1 root root     48 May 14  2023 resolv.conf
      lrwxrwxrwx  1 root root     39 Jun  9  2022 resolv.conf.nextdns-bak -> ../run/systemd/resolve/stub-resolv.conf
      -rw-r--r--  1 root root    121 Mar 12 10:37 resolv.conf.nextdns-tmp
      USERACCT@5479:~$ curl -L https://test.nextdns.io
      {
             "status": "unconfigured",
             "resolver": "45.134.224.92",
             "srcIP": "45.134.224.83",
             "server": "anexia-chi-1"
      }
      USERACCT@5479:~$

      =======

       

      kinda thinking that "unconfigured" means something, huh?

      • R_P_M
      • 8 mths ago
      • Reported - view

       Yep, it’s not using NextDNS at all, that’s what you see on the test.

      I don’t see any permission issues with the resolv.conf file, very odd why it’s not allowing it. Maybe deleting the tmp file might unlock things? It shouldn’t cause any harm in doing so.

      sudo rm -i /etc/resolv.conf.nextdns-tmp

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      needless to say, i am beginning to become discouraged,...

      ADMINACCT@5479:~$ sudo rm -i /etc/resolv.conf.nextdns-tmp
      [sudo] password for ADMINACCT:
      rm: remove regular file '/etc/resolv.conf.nextdns-tmp'? y
      ADMINACCT@5479:~$ sudo rm -i /etc/resolv.conf.nextdns-tmp
      rm: cannot remove '/etc/resolv.conf.nextdns-tmp': No such file or directory
      ADMINACCT@5479:~$ sh -c "$(curl -sL https://nextdns.io/install)"
      INFO: OS: ubuntu
      INFO: GOARCH: amd64
      INFO: GOOS: linux
      INFO: NEXTDNS_BIN: /usr/bin/nextdns
      INFO: INSTALL_RELEASE: 1.42.0
      c) Configure NextDNS
      r) Remove NextDNS
      e) Exit
      Choice (default=c): c
      NextDNS Profile ID (default=#######):
      Sending your devices name lets you filter analytics and logs by device.
      Report device name? [Y|n]: y
      Accept DNS request from other network hosts.
      Setup as a router? (y/n): n
      Make NextDNS CLI cache responses. This improves latency and reduces the amount
      of queries sent to NextDNS.
      Enable caching? [Y|n]: y
      Instant refresh will force low TTL on responses sent to clients so they rely
      on CLI DNS cache. This will allow changes on your NextDNS config to be applied
      on your LAN hosts without having to wait for their cache to expire.
      Enable instant refresh? [Y|n]: y
      Changes DNS settings of the host automatically when NextDNS is started.
      If you say no here, you will have to manually configure DNS to 127.0.0.1.
      Automatically setup local host DNS? [Y|n]: y
      NextDNS installed and started using systemd init
      c) Configure NextDNS
      r) Remove NextDNS
      e) Exit
      Choice (default=c): e
      ADMINACCT@5479:~$ nextdns status
      running
      ADMINACCT@5479:~$ nextdns log
      Mar 12 10:08:01 5479 systemd[1]: Started NextDNS DNS53 to DoH proxy..
      Mar 12 10:08:07 5479 nextdns[1043]: Starting NextDNS 1.42.0/linux on localhost:53
      Mar 12 10:08:07 5479 nextdns[1043]: Listening on TCP/127.0.0.1:53
      Mar 12 10:08:07 5479 nextdns[1043]: Listening on UDP/127.0.0.1:53
      Mar 12 10:08:12 5479 nextdns[1043]: Activating
      Mar 12 10:08:12 5479 nextdns[1043]: Activate: setup resolv.conf: rename /etc/resolv.conf.nextdns-tmp /etc/resolv.conf: operation not permitted
      Mar 12 10:08:17 5479 nextdns[1043]: Network change detected: enp5s0 flag up|broadcast|multicast -> up|broadcast|multicast|running
      Mar 12 10:08:17 5479 nextdns[1043]: Endpoint provider failed: SourceHTTPSSVCProvider(dns.nextdns.io, https://dns.nextdns.io#45.90.28.0,2a07:a8c0::,45.90.30.0,2a07:a8c1::): exchange: roundtrip: dial tcp 45.90.28.0:443: connect: network is unreachable
      Mar 12 10:08:17 5479 nextdns[1043]: Endpoint failed: https://dns1.nextdns.io#45.90.28.0,2a07:a8c0::: roundtrip: dial tcp 45.90.28.0:443: connect: network is unreachable
      Mar 12 10:08:17 5479 nextdns[1043]: Endpoint failed: https://dns2.nextdns.io#45.90.30.0,2a07:a8c1::: roundtrip: dial tcp 45.90.30.0:443: connect: network is unreachable
      Mar 12 10:08:17 5479 nextdns[1043]: Switching endpoint: 127.0.0.1:53
      Mar 12 10:36:52 5479 systemd[1]: Stopping NextDNS DNS53 to DoH proxy....
      Mar 12 10:36:52 5479 systemd[1]: nextdns.service: Deactivated successfully.
      Mar 12 10:36:52 5479 systemd[1]: Stopped NextDNS DNS53 to DoH proxy..
      Mar 12 10:36:52 5479 systemd[1]: Started NextDNS DNS53 to DoH proxy..
      Mar 12 10:36:52 5479 nextdns[7282]: Starting NextDNS 1.42.0/linux on localhost:53
      Mar 12 10:36:52 5479 nextdns[7282]: Listening on TCP/127.0.0.1:53
      Mar 12 10:36:52 5479 nextdns[7282]: Listening on UDP/127.0.0.1:53
      Mar 12 10:36:57 5479 nextdns[7282]: Activating
      Mar 12 10:36:57 5479 nextdns[7282]: Activate: setup resolv.conf: rename /etc/resolv.conf.nextdns-tmp /etc/resolv.conf: operation not permitted
      Mar 12 10:36:59 5479 nextdns[7282]: Received signal: terminated
      Mar 12 10:36:59 5479 nextdns[7282]: Stopping NextDNS 1.42.0/linux
      Mar 12 10:36:59 5479 systemd[1]: Stopping NextDNS DNS53 to DoH proxy....
      Mar 12 10:36:59 5479 nextdns[7282]: Deactivating
      Mar 12 10:36:59 5479 nextdns[7282]: Deactivate: restore resolv.conf: rename /etc/resolv.conf.nextdns-bak /etc/resolv.conf: operation not permitted
      Mar 12 10:36:59 5479 nextdns[7282]: NextDNS 1.42.0/linux stopped
      Mar 12 10:36:59 5479 systemd[1]: nextdns.service: Deactivated successfully.
      Mar 12 10:36:59 5479 systemd[1]: Stopped NextDNS DNS53 to DoH proxy..
      Mar 12 10:36:59 5479 systemd[1]: Started NextDNS DNS53 to DoH proxy..
      Mar 12 10:36:59 5479 nextdns[7300]: Starting NextDNS 1.42.0/linux on localhost:53
      Mar 12 10:36:59 5479 nextdns[7300]: Listening on TCP/127.0.0.1:53
      Mar 12 10:36:59 5479 nextdns[7300]: Listening on UDP/127.0.0.1:53
      Mar 12 10:37:04 5479 nextdns[7300]: Activating
      Mar 12 10:37:04 5479 nextdns[7300]: Activate: setup resolv.conf: rename /etc/resolv.conf.nextdns-tmp /etc/resolv.conf: operation not permitted
      Mar 13 03:01:39 5479 nextdns[7300]: Received signal: terminated
      Mar 13 03:01:39 5479 nextdns[7300]: Stopping NextDNS 1.42.0/linux
      Mar 13 03:01:39 5479 systemd[1]: Stopping NextDNS DNS53 to DoH proxy....
      Mar 13 03:01:39 5479 nextdns[7300]: Deactivating
      Mar 13 03:01:39 5479 nextdns[7300]: Deactivate: restore resolv.conf: rename /etc/resolv.conf.nextdns-bak /etc/resolv.conf: operation not permitted
      Mar 13 03:01:39 5479 nextdns[7300]: NextDNS 1.42.0/linux stopped
      Mar 13 03:01:39 5479 systemd[1]: nextdns.service: Deactivated successfully.
      Mar 13 03:01:39 5479 systemd[1]: Stopped NextDNS DNS53 to DoH proxy..
      Mar 13 03:01:39 5479 systemd[1]: nextdns.service: Consumed 2.229s CPU time.
      Mar 13 03:01:40 5479 systemd[1]: Started NextDNS DNS53 to DoH proxy..
      Mar 13 03:01:40 5479 nextdns[25366]: Starting NextDNS 1.42.0/linux on localhost:53
      Mar 13 03:01:40 5479 nextdns[25366]: Listening on TCP/127.0.0.1:53
      Mar 13 03:01:40 5479 nextdns[25366]: Listening on UDP/127.0.0.1:53
      Mar 13 03:01:45 5479 nextdns[25366]: Activating
      Mar 13 03:01:45 5479 nextdns[25366]: Activate: setup resolv.conf: rename /etc/resolv.conf.nextdns-tmp /etc/resolv.conf: operation not permitted
      ADMINACCT@5479:~$ nextdns activate
      Error: setup resolv.conf: write /etc/resolv.conf.nextdns-tmp: open /etc/resolv.conf.nextdns-tmp: permission denied
      ADMINACCT@5479:~$ sudo rm -i /etc/resolv.conf.nextdns-tmp
      rm: remove regular file '/etc/resolv.conf.nextdns-tmp'? y
      ADMINACCT@5479:~$ nextdns activate
      Error: setup resolv.conf: write /etc/resolv.conf.nextdns-tmp: open /etc/resolv.conf.nextdns-tmp: permission denied
      ADMINACCT@5479:~$

      ----------------------------------------------------

      • R_P_M
      • 8 mths ago
      • Reported - view

       The CLI appears to be running but auto activate is failing. 

      Try,
      dig google.com @127.0.0.1

      If there’s a response then NextDNS CLI is working. 
      Even if auto activate is not functioning correctly it’s not all bad. It just means you have to setup the dns to 127.0.01 manually (just the once though).

      Run the test again to see if the system is using the CLI. 
      curl -L https://test.nextdns.io

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      USERACCT@5479:~$ dig google.com @127.0.0.1

      ; <<>> DiG 9.18.18-0ubuntu0.22.04.2-Ubuntu <<>> google.com @127.0.0.1
      ;; global options: +cmd
      ;; Got answer:
      ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26287
      ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

      ;; OPT PSEUDOSECTION:
      ; EDNS: version: 0, flags:; udp: 1232
      ;; QUESTION SECTION:
      ;google.com.                    IN      A

      ;; ANSWER SECTION:
      google.com. 5 IN A 142.251.16.100
      google.com. 5 IN A 142.251.16.113
      google.com. 5 IN A 142.251.16.102
      google.com. 5 IN A 142.251.16.101
      google.com. 5 IN A 142.251.16.139
      google.com. 5 IN A 142.251.16.138

      ;; Query time: 64 msec
      ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
      ;; WHEN: Wed Mar 13 15:28:28 EDT 2024
      ;; MSG SIZE  rcvd: 135

      USERACCT@5479:~$ curl -L https://test.nextdns.io
      {
              "status": "unconfigured",
              "resolver": "91.196.69.87",
              "srcIP": "91.196.69.89",
              "server": "zepto-iad-1"
      }
      USERACCT@5479:~$

       

      the fact need-be stated,

      that when viewing the System Settings/Network/Connections/IPv4 tab,

         Method is set to Automatic, with

         Other DNS Servers set to 127.0.0.1

      already.

      So all i need do is drop-down the menu and select Manual for Method?

      Also, Question:

      Where is the "server: zepto-iad-1" in the above curl command being assigned/retrieved from?

      also, here is result from duplicate Hardware/OS without seeming nextdns issue:

      USERACCT@5479:~$ curl -L https://test.nextdns.io
      {
              "status": "ok",
              "protocol": "DOH",
              "profile": "fp52b2d1b85abf851b",
              "client": "91.196.69.89",
              "srcIP": "91.196.69.89",
              "destIP": "199.119.65.94",
              "anycast": false,
              "server": "zepto-iad-1",
              "clientName": "nextdns-cli",
              "deviceName": "5479",
              "deviceID": "60DFA"
      }
      USERACCT@5479:~$

      • R_P_M
      • 8 mths ago
      • Reported - view

       For the IPv4 tab, not sure what the best option is to use. It depends on what the other options are in the drop down. Also need to check on computer, later on and get back to you.

      The server item is just what dns.nextdns.io resolves to at your location and is used to run the test on.

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      please see attached screen capture detailing Method of 'Automatic':

      also, the DNS is configured to 127.0.0.1 (hidden by drop down)

      • R_P_M
      • 8 mths ago
      • Reported - view

       Ok, after looking at it on my zorin lite laptop (based on Ubuntu with xfce desktop), the best option to use is “Automatic (only addresses)”.

      This should give you the same as Automatic but with the custom dns option as the only one being used. 
      Using the manual option you would have to set up all the IPs for network connectivity (may be difficult if you don’t know what you’re doing).

      Anyway, check with the test curl addresses after you’ve changed to auto only addresses. 

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      Automatic (only) is set, rebooted, and,...

      no change:

      USERACCT@5479:~$ curl -L https://test.nextdns.io
      {
             "status": "unconfigured",
             "resolver": "45.134.224.139",
             "srcIP": "45.134.224.133",
             "server": "anexia-dal-1"
      }
      USERACCT@5479:~$ nextdns status
      running

      😖😖😖😖😖😖😖😖😖😖😖😖😖😖

      • R_P_M
      • 8 mths ago
      • Reported - view

       Ok, better have a look at the resolv.conf file contents.

      cat /etc/resolv.conf

      Also maybe try,

      resolvectl status 

      (it might error out, not sure. May as well take a look anyway)

      And last thing to check if systemd-resolved is running (I encountered issues with this running and trying to use something else for dns lookups).

      systemctl status systemd-resolved -o cat

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      USERACCT@5479:~$ cat /etc/resolv.conf
      nameserver 45.90.30.241
      nameserver 45.90.28.241
      USERACCT@5479:~$

      ...

      USERACCT@5479:~$ resolvectl status
      Global
               Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
        resolv.conf mode: foreign
      Current DNS Server: 45.90.30.241
             DNS Servers: 45.90.30.241 45.90.28.241

      Link 2 (enp5s0)
      Current Scopes: DNS
           Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
         DNS Servers: 127.0.0.1
      USERACCT@5479:~$

      ...

      USERACCT@5479:~$ systemctl status systemd-resolved -o cat
      ● systemd-resolved.service - Network Name Resolution
           Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
           Active: active (running) since Sun 2024-03-17 14:05:54 EDT; 10min ago
             Docs: man:systemd-resolved.service(8)
                   man:org.freedesktop.resolve1(5)
      https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
      https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
         Main PID: 821 (systemd-resolve)
           Status: "Processing requests..."
            Tasks: 1 (limit: 18996)
           Memory: 8.4M
              CPU: 100ms
           CGroup: /system.slice/systemd-resolved.service
                   └─821 /lib/systemd/systemd-resolved

      Warning: some journal files were not opened due to insufficient permissions.
      USERACCT@5479:~$

      --------
      ADMINACCT@5479:~$ systemctl status systemd-resolved -o cat
      ● systemd-resolved.service - Network Name Resolution
           Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
           Active: active (running) since Sun 2024-03-17 14:05:54 EDT; 12min ago
             Docs: man:systemd-resolved.service(8)
                   man:org.freedesktop.resolve1(5)
      https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
      https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
         Main PID: 821 (systemd-resolve)
           Status: "Processing requests..."
            Tasks: 1 (limit: 18996)
           Memory: 8.4M
              CPU: 100ms
           CGroup: /system.slice/systemd-resolved.service
                   └─821 /lib/systemd/systemd-resolved

      Starting Network Name Resolution...
      Positive Trust Anchors:
      . IN DS 20326 8 2 e##############################################################d
      Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa>
      Using system hostname '5479'.
      Started Network Name Resolution.
      enp5s0: Bus client set default route setting: yes
      enp5s0: Bus client set DNS server list to: 127.0.0.1
      Clock change detected. Flushing caches.
      lines 1-24/24 (END)

      • R_P_M
      • 8 mths ago
      • Reported - view

       Ok, we’ve narrowed it down to the resolv.conf file containing the dns IPs.

      Now, how to fix it. There are two options available, if one doesn’t work try the other. 
      1, edit the file in place to get the right IPs in it.

      sudo nano /etc/resolv.conf

      Remove the two lines and replace with:

      ”nameserver 127.0.0.1”

      (nano is quite easy to use as it shows in the terminal screen some of the options. To save the edits it’s ctl+o then return. It should say “Wrote x lines” if it completed the save. Then exit with ctl+x)

      2, try renaming the file and then create the file with what you should have in it.
      I will leave that for next time as it might not be needed or maybe you already know? 

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      "know"? no, i do not; i am doing all i can just to keep up with what is going on here.

      Logged into ADMINACCT

      issued sudo nano /etc/resolv.conf command, input ADMINACCT passphrase, then

      BACKSPACED previous entries
      input:
      nameserver 127.0.0.1

      ctrl+o to save, received in red back ground/white font:

      [ Error writing /etc/resolv.conf: Operation not permitted ]

      in attempts to rename file also verify its permissions,

      did search for "resolv.conf" of the entire hard drive

      only to find 27 entries of either resolv.conf or stubresolv.conf, et al. in various directories. {wait, WHY 27 entries? or, is this Obfuscation-Through-Deluge that is so prevalent in the IT industry?🤬}

      so, which one is to be renamed?

      • R_P_M
      • 8 mths ago
      • Reported - view

       Oh no red error! It’s the same error as before with nextdns activate.

      I think you should check the admin account’s custom permissions, something appears to be blocking the editing of the /etc/resolv.conf file. I suspect that even attempting to delete that file will result in the same error “operation not permitted”.

      One idea is to create a temporary alternative admin account to see if that will work correctly with “nextdns activate” and actually change that resolv.conf file once and for all!

      • R_P_M
      • 8 mths ago
      • Reported - view

       After a quick search I may have found something relevant to the situation you’re in with regards to the resolv.conf file and “operation not permitted”.

      https://wiki.archlinux.org/title/File_permissions_and_attributes#File_attributes

      From that page of information the “resolv.conf” file may have set an immutable flag which makes the file impossible to overwrite or edit, even with sudo command. How it happened I have no idea but to check the file use this command:

      lsattr /etc/resolv.conf

      if an “i” appears in the output then it is “immutable”. So to remove the immutable flag use:

      sudo chattr -i /etc/resolv.conf 

      Check it’s removed with the command before. Hopefully now nextdns activate will complete successfully with no error. 

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      ADMINACCT@5479:~$ lsattr /etc/resolv.conf
      ----i---------e------- /etc/resolv.conf

      ADMINACCT@5479:~$ sudo chattr -i /etc/resolv.conf
      [sudo] password for ADMINACCT:

      ADMINACCT@5479:~$ lsattr /etc/resolv.conf
      --------------e------- /etc/resolv.conf

      ADMINACCT@5479:~$ nextdns status
      running

      ADMINACCT@5479:~$ nextdns activate
      Error: setup resolv.conf: write /etc/resolv.conf.nextdns-tmp: open /etc/resolv.conf.nextdns-tmp: permission denied

      ADMINACCT@5479:~$

      ~~~~~~~~~~~REBOOTED.~~~~~~~~~~~~~~~~~~~~

      ADMINACCT@5479:~$ sudo nextdns status
      running

      ADMINACCT@5479:~$ nextdns activate
      Error: setup resolv.conf: write /etc/resolv.conf.nextdns-tmp: open /etc/resolv.conf.nextdns-tmp: permission denied

      ADMINACCT@5479:~$ lsattr /etc/resolv.conf
      --------------e------- /etc/resolv.conf

      ADMINACCT@5479:~$

       

      color me,... con-fuuuz'D (not just regular confused, but confused to the Nth Degree🤯)

      considering what little i do know of the OS, the most recent commands should have worked,...

      • R_P_M
      • 8 mths ago
      • Reported - view

       I think you need to run it with sudo in front.

      sudo nextdns activate 

      It may have already activated after the reboot. Check the status of the nextdns service:

      systemctl status nextdns -o cat

      And also use the curl check to be sure:

      curl -L https://test.nextdns.io

      • Christopher_H
      • 8 mths ago
      • Reported - view

       

      from what i have seen, when issuing sudo a second time on the same terminal window, i am not prompted for ADMINACCT passphrase as i was the first time; seeming to suggest the 'session' is raised as such to sudo for all following commands.

      in regards to the second command:

      ......................................................................................................

      USERACCT@5479:~$ systemctl status nextdns -o cat
      ● nextdns.service - NextDNS DNS53 to DoH proxy.
          Loaded: loaded (/etc/systemd/system/nextdns.service; enabled; vendor preset: enabled)
          Active: active (running) since Tue 2024-03-19 12:57:54 EDT; 7h ago
        Main PID: 1024 (nextdns)
           Tasks: 13 (limit: 18996)
          Memory: 15.8M
             CPU: 2.851s
          CGroup: /system.slice/nextdns.service
                  └─1024 /usr/bin/nextdns run

      Warning: some journal files were not opened due to insufficient permissions.
      ......................................................................................................
      USERACCT@5479:~$ curl -L https://test.nextdns.io
      {
             "status": "ok",
             "protocol": "DOH",
             "profile": "fp52b2d1b85abf851b",
             "client": "91.196.69.150",
             "srcIP": "91.196.69.150",
             "destIP": "5.161.43.197",
             "anycast": false,
             "server": "hetzner-iad-1",
             "clientName": "nextdns-cli",
             "deviceName": "5479",
             "deviceID": "60DFA"
      }
      ............................................................................

      ok, this is WEIRD.

      the above commands were issued this a.m.

      with said results.

      just now, with the curl cmd and its status of: "ok"

      i reloaded

      https://my.nextdns.io/######/setup

      to now receive:

      All good!

      This device is using NextDNS with this profile.

      WHAT. is going on here?!

Content aside

  • 8 mths agoLast active
  • 28Replies
  • 1061Views
  • 2 Following