You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, everyone. AdGuard has been rock-solid for me until today when I decided to do some tweaking. I have not observed things like this before.
I run AdGuard DNS on pFsense box and I use DOT.
When I edit the list of upstream resolvers and click on the blue 'Test Upstreams' button I get a green message saying that upstream are working correctly. When I save the changes by clicking the green 'Apply' button the right edge of the screen gets a red modal with a ton of errors like this: 21x.22x.18x.xxx:41488->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:55993->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:6515->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:38104->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:48269->8.8.4.4:853: write: broken pipe\"", "failed to close some connections: 5 errors: \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57175->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:54642->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57177->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57178->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57176->8.8.4.4:853: write: broken pipe\"" | 500 where 21x.22x.18x.xxx is my masked dynamic IP address issued by the ISP.
After this error message is thrown DNS stops working and I can't open any webpages. I did not have time to figure out how to restart AdGuard DNS server in command line, so the only remedy for me for now was rebooting the firewall. After reboot DNS works fine until next config change.
I got the same kind of error when I tried modifying Encryption settings - same error message with the same effect of killing DNS.
While AdGuard DNS is happy with my certificate and private key - the text in green says: Certificate chain is valdid
and
This is a valid RSA private key
the message down below in red says:
validating certificate pair: certificate has no IP addresses, this may cause issues with DNS-over-TLS clients
I will appreciate input from knowledgeable folks about what is happening here and if I should do something to fix the things? Or this is something to do with the ISP?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hello, everyone. AdGuard has been rock-solid for me until today when I decided to do some tweaking. I have not observed things like this before.
I run AdGuard DNS on pFsense box and I use DOT.
When I edit the list of upstream resolvers and click on the blue 'Test Upstreams' button I get a green message saying that upstream are working correctly. When I save the changes by clicking the green 'Apply' button the right edge of the screen gets a red modal with a ton of errors like this:
21x.22x.18x.xxx:41488->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:55993->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:6515->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:38104->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:48269->8.8.4.4:853: write: broken pipe\"", "failed to close some connections: 5 errors: \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57175->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:54642->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57177->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57178->8.8.4.4:853: write: broken pipe\", \"tls: failed to send closeNotify alert (but connection was closed anyway): write tcp 21x.22x.18x.xxx:57176->8.8.4.4:853: write: broken pipe\"" | 500where 21x.22x.18x.xxx is my masked dynamic IP address issued by the ISP.After this error message is thrown DNS stops working and I can't open any webpages. I did not have time to figure out how to restart AdGuard DNS server in command line, so the only remedy for me for now was rebooting the firewall. After reboot DNS works fine until next config change.
I got the same kind of error when I tried modifying Encryption settings - same error message with the same effect of killing DNS.
While AdGuard DNS is happy with my certificate and private key - the text in green says:
Certificate chain is valdidand
This is a valid RSA private keythe message down below in red says:
validating certificate pair: certificate has no IP addresses, this may cause issues with DNS-over-TLS clientsI will appreciate input from knowledgeable folks about what is happening here and if I should do something to fix the things? Or this is something to do with the ISP?
Beta Was this translation helpful? Give feedback.
All reactions