0

is quic protocol down ?

last time quic working fine even not working at ipv4 , but now seem in both ipv4 and ipv6 down can't connect at all

8 replies

null
    • NextDNs
    • 2 yrs ago
    • Reported - view

    which client are you using?

      • putra.1
      • 2 yrs ago
      • Reported - view

      NextDNS i'm try AdGuard Home v0.108.0-b.8 , but just now test using official build v0.107.6 and quic working fine again

      • putra.1
      • 2 yrs ago
      • Reported - view

      NextDNS and forget to say still can't connect using quic:// , only using dns stamp with ipv6 can connect to quic

      • Carrot_eggs
      • 2 yrs ago
      • Reported - view

      NextDNS putra 

      I ran into the same problem, using AdGuard Home v0.108.0-b.9
      Here are their update instructions:

      https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.108.0-b.8

      Added Support for the final DNS-over-QUIC standard, RFC 9250 (#4592).
          Support upstreams for subdomains of a domain only (#4503).”

      I remember nextdns using a custom port: 8853, not the final standard: 853, is this problem causing it?

      “DoT and DoQ use a custom ports (tcp/853 and udp/8853 respectively) which can be easily blocked by firewalls while DoH uses the same port and protocol as used for all HTTPS web traffic (tcp/443), making it harder to block or even detect. DoH3 uses udp/443, so it is easier to block but still indistinguishable from other web traffic using this protocol, and HTTP/3 capable clients have the capability to fallback to HTTP/2 when this happens.”

      I recommend reporting this to AdGuard Home.

      https://github.com/AdguardTeam/AdGuardHome/issues

    • Patrik_Kro
    • 2 yrs ago
    • Reported - view

    I can confirm this issue. DNS-over-QUIC is not working on the latest stable version of AdGuard Home (v0.107.7). I believe this is NOT an AdGuard Home problem. The @nextdns team needs to update their DNS-over-QUIC implementation, because DNS-over-QUIC protocol is now finalized.
    The udp port must be 853.

    Adguard Home (v0.107.7) change log:
    https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.7

    "DNS-over-QUIC: RFC 9250
    The long-awaited DNS-over-QUIC protocol has finally graduated from a draft to being a real standard, RFC 9250. In this release, we add support for the final version of the standard in a backwards-compatible way."

    • MC33
    • 2 yrs ago
    • Reported - view

    I have the same problem, just updated to AH v0.107.7 and QUIC is not working anymore...

    • vmstan
    • 2 yrs ago
    • Reported - view

    Glad it's not just me. I've been using the NextDNS CLI for a bit, wanted to try AdGuard with QUIC and couldn't get anything to resolve.

    • Patrik_Kro
    • 2 yrs ago
    • Reported - view

    nextdns

    This problem is also mentioned on the Github support page of AdGuard Home:
    https://github.com/AdguardTeam/AdGuardHome/issues/4644

    Developers of AdGuard Home have responded:

    " RFC-version of DoQ is not compatible with the old draft versions, hence the issue.

    AdGuard Home has already switched to the RFC-version of DoQ.
    AdGuard DNS supports both the old drafts and the RFC-version.

    Unfortunately, this behavior is only normal for the server-side (AdGuard DNS) since it can distinguish the version the client wants to use. The client (AdGuard Home) just uses the RFC-version and if the server is not compatible it won't get through.

    Probably, the only way is to fix this on the NextDNS side. The fix is rather trivial, though. I'd suggest NextDNS to use the same approach as we do to support the old clients: https://github.com/AdguardTeam/dnsproxy/commit/c3b50a44f5b41cc0f385a0402e5dc127f08b0d1d#diff-6f8ef90801bf531405c62f0548dd80dc2edec8e10f96b0cd50c34544a7ea9c53R154 "


    So, the next logical step would be that NextDNS also updates their DoQ implementation to final (RFC) version.

Login to reply

Content aside

  • 2 yrs agoLast active
  • 8Replies
  • 1088Views
  • 7 Following