'Inconsistent DNS Issues Using DNS over TLS w/ Discord, Steam, Twitch Clients'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       unbound-users
Subject:    Inconsistent DNS Issues Using DNS over TLS w/ Discord, Steam, Twitch Clients
From:       Luca Fusi via Unbound-users <unbound-users () lists ! nlnetlabs ! nl>
Date:       2020-11-12 17:53:11
Message-ID: CAPAKajC+H65ET2tSdvk8EyJSBGaH6xaEUWutjh8LV=TMo7Rppw () mail ! gmail ! com
[Download RAW message or body]

Hello folks,

I've got Unbound set upon OpenWRT in such a way that it works with odhcpd,
which is one of the configurations referenced on this page:
https://github.com/openwrt/packages/blob/openwrt-19.07/net/unbound/files/README.md

The goal was to be able to use DNS over TLS.

I'm using all of this in tandem with an OpenVPN configuration, and I'm
having very inconsistent results in trying to connect to a couple of
services (namely Twitch, Discord, Steam) using their Windows app
counterparts with this configuration. Sometimes, it all works fine, but
very often it doesn't. Restarting all services and the router won't fix it
in times when it's being stubborn, and shifting various DNS validation
servers around (e.g. trying Google vs. Cloudflare, scrapping the DNS server
provided by ProtonVPN) doesn't seem to have an effet either. It feels truly
random to me.

In this state, everything in my browser and most desktop apps (Slack) work
fine. But as for the services mentioned (Steam, Discord, Twitch) the only
way I'm able to connect to them is by connecting to my VPN provider using a
Windows client (which bypasses the adblocking etc. I've got set up on the
router, which I'd like to work as an umbrella for all devices in the home),
or by navigating to their browser-based counterparts (I'm thinking the way
that Firefox gets around these issues via DNS over HTTPS).

Weirdly enough, disabling TLS in my zone file doesn't guarantee that this
works though; it's just one of the best leads I have besides 'seems like an
unbound related issue'.

I've had a decent discussion with one member of the OpenWRT forums and
posted several dig logs there:
https://forum.openwrt.org/t/cant-access-or-address-some-sites-twitch-steam-discord-clients-w-unbound-installed/78778


I'm not sure where else to seek advice re: unbound so I thought I'd give
this list a shot. There is probably something fairly elementary I'm missing.

lmk,
Luca


[Attachment #3 (text/html)]

<div dir="ltr">
<div>Hello folks,</div><div><br></div><div>I&#39;ve got Unbound set upon 
OpenWRT in such a way that it works with odhcpd, which is one of the 
configurations referenced on this page: <a \
href="https://github.com/openwrt/packages/blob/openwrt-19.07/net/unbound/files/README.md" \
target="_blank">https://github.com/openwrt/packages/blob/openwrt-19.07/net/unbound/files/README.md</a></div><div><br></div><div>The \
goal was to be able to use DNS over TLS.</div><div><br></div><div>I&#39;m  using all \
of this in tandem with an OpenVPN configuration, and I&#39;m  having very \
inconsistent results in trying to connect to a couple of  services (namely Twitch, \
Discord, Steam) using their Windows app  counterparts with this configuration. \
Sometimes, it all works fine, but  very often it doesn&#39;t. Restarting all services \
and the router won&#39;t fix  it in times when it&#39;s being stubborn, and shifting \
various DNS  validation servers around (e.g. trying Google vs. Cloudflare, scrapping 
the DNS server provided by ProtonVPN) doesn&#39;t seem to have an effet 
either. It feels truly random to me.</div><div><br></div><div>In this 
state, everything in my browser and most desktop apps (Slack) work fine.
 But as for the services mentioned (Steam, Discord, Twitch) the only way
 I&#39;m able to connect to them is by connecting to my VPN provider using a
 Windows client (which bypasses the adblocking etc. I&#39;ve got set up on 
the router, which I&#39;d like to work as an umbrella for all devices in the
 home), or by navigating to their browser-based counterparts (I&#39;m 
thinking the way that Firefox gets around these issues via DNS over 
HTTPS).<br></div><div><br></div><div>Weirdly enough, disabling TLS in my
 zone file doesn&#39;t guarantee that this works though; it&#39;s just one of 
the best leads I have besides &#39;seems like an unbound related \
issue&#39;.</div><div><br></div><div>I&#39;ve had a decent discussion with one member \
of the OpenWRT forums and posted several dig logs there: <a \
href="https://forum.openwrt.org/t/cant-access-or-address-some-sites-twitch-steam-discord-clients-w-unbound-installed/78778" \
target="_blank">https://forum.openwrt.org/t/cant-access-or-address-some-sites-twitch-s \
team-discord-clients-w-unbound-installed/78778</a></div><div><br></div><div>I&#39;m  \
not sure where else to seek advice re: unbound so I thought I&#39;d give  this list a \
shot. There is probably something fairly elementary I&#39;m  \
missing.</div><div><br></div><div>lmk,</div><div>Luca</div>

</div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic