Many Apple properties work only after repeated attempts
For around two weeks, many requests to Apple properties (App Store, Apple Music etc.) have been failing, resulting in “Connection to App Store failed” messages, podcasts that won’t download etc.
The logs do not show any blocked requests. Enabling or disabling blocklists and other features seems to have no real effect. Explicitly whitelisting tens of Apple (sub)domains also does not solve the problem.
If a site or service fails to load, I retry many times. Sometimes by the 5th, sometimes by the 50th try the request succeeds. Sometimes even retries do not help.
One method that always works is disabling NextDNS. From that moment onwards, requests to Apple services resume working immediately.
On Reddit I’ve seen multiple people reporting the same issue: https://reddit.com/r/nextdns/comments/vqi7zz/issues_reaching_apple_services_like_app_store/
I also wanted to share some relevant info.
Just to be explicit, I experienced **the “update all [apps]” button not working as expected in App Store**. The app-update indicators keep spinning and spinning and eventually stop, not having updated anything. Confusingly, one can update single apps one by one manually, but not via the update all app.
I also started with my filters, but there wasn’t really anything special going on besides an occasional ad query coming from inside the App Store (so I assume); changing the filters did not fix the problem.
I stumbled on (older) references to EDNS under the config\performance where I started to experiment with different combinations of these switches.
! Warning for skimmers: messing with these DNS settings will take at least 5 minutes to propagate so the DNS cache records expire, so your changes will not always affect your device in real time.
My working hypothesis is that the switch *Cache-boost* can be a workaround. What the *true* reason for this relatively new undesired (iOS) behaviour is remains to be seen, but turning off the cache boost resulted in me being able to update-all apps again.
I use the app and have a dedicated profile for iOS devices.
If you choose to test, do this:
Put everything the way you like again. All bells and whistles, no Apple domain in exception or block list.
**Disable cache-boost**; you may leave edns and flattening enabled.
In my case I had the beta threat intelligence disabled.
Set a timer for 5 minutes and wait.
After 5 minutes, go to the App Store. Touch your initials, drag down to refresh the update page. Press update all.
I have witnessed success a few times, but it is limited to the number of devs pushing new updates. **I need more data**. Feel free to share.
Hopefully this helps and aids NextDNS in figuring out what is going on.
P.S. Cache-boost is a good feature because TTLs of 5 seconds have downsides, but in this case - for assumed fixing purposes - I accept it disabled. I do not recommend this for shared NextDNS profiles for other devices, only for test-fixing iOS.
Do you have a position on IPv4 and IPv6 in relation to this topic? Would this behaviour be explained by not having IPv6 IPs assigned to clients? (tv.apple.com resolves to 4 AAAA records and 1 A record.)
Feel free to ignore if irrelevant, just trying to get more info shared.
I can see one of the posters has an IPv6 address in the test output, so this might be one we can exclude in "House's differential diagnosis".
@NextDNS can you give me a % chance this issue will be resolved? If not, please save me from having to check this topic again and again without any progress made. I will just switch to another DNS provider permanently...
@NextDNS exactly the same issue. Me and some of my friends who also use NextDNS are about to leave NextDNS as well.
Every solution seems not to work and this has been ongoing for at least 2-3 months now. It gets way too annoying.
NextDNS please fix it. I loved how it works and this is gonna cost you guys a huge amount of users.
Perhaps the NextDNS app can be expanded with an additional feedback mechanism? Or perhaps even local logs to consult. It is hard to debug.
As a test, nowadays, in the iOS NextDNS app, I switch off the custom ID switch, effectively disabling most of the custom configuration, but keeping NextDNS DOH on.
No conclusive results yet.
Prevent the unauthorized use of your devices to mine cryptocurrency.
Resolved the issue
I started having this problem a few days ago, and it's quite annoying. No solution has been found so far?
I've had this problem too. Thanks @Mika, disabling the Cryptojacking Protection fixed the problem.
This problem returned for me a few weeks ago after having been gone for a year.
Possibly disabling the cryptojacking switch would’ve solved it. Or not. Or temporarily. Who knows?
Now however I’ve switched to AdGuard DNS in the hopes that’s a service I do not need to babysit to prevent stuff from working.
So the trick is replacing your DNS with quad nine? Or do you also own quad nine?