New issue
Advanced search Search tips

Issue 171346 link

Starred by 20 users

Issue metadata

Status: Available
Owner: ----
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug



Sign in to add a comment

Built-in DNS uses the wrong DNS server on Windows

Reported by fkhp...@gmail.com, Jan 22 2013

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.27 (KHTML, like Gecko) Chrome/26.0.1386.0 Safari/537.27

Example URL:
washeng.net.sixxs.org

Steps to reproduce the problem:
1. ADSL connect to ISP with ipv4 connection, and ethernet is configured with isatap ipv6 to support ipv6 connection and work well.
2. start chrome with ipv6 and dns options: chrome --enable-ipv6 --dns-server=2001:470:20::2 washeng.net.sixxs.org
3. page not open and the cause is that DNS failed

What is the expected behavior?
1.when the command line option spicified dns-server with --dns-server="ipv6address", chrome internal DNS client should use the spicified dns server first and with highest priority for each dns resoving. and only use system derived dns if the spicified dns server failed.

2.when the command line option spicified ipv6 with --enable-ipv6, chrome should use the ipv6 connection first and with highest priority. and only use ipv4 connection if the ipv6 failed. 

What went wrong?
ADSL got a default ipv4 DNS server on the pppoe interface, and it seems there's no way to change the dns configuration of the ADSL pppoe interface in its property dialog box, set dns of ipv4 property to use null dns-server has no effect and when connected, the ADSL pppoe interface always get the ISP ipv4 DNS server set as default. and chrome use the ISP ipv4 DNS server as chrome://net-internals/#dns show:
=============================
Host resolver

View pending lookups
Default address family: UNSPECIFIED

View all IPv6 probe events
Async DNS Configuration

Internal DNS client enabled: true
nameservers	
202.106.195.68:53
append_to_multi_label_name	false
attempts	2
edns0	false
ndots	1
num_hosts	8
rotate	false
search	
timeout	1
==========================

the ISP dns server is only ipv4 and ipv6 fails. 

Did this work before? N/A 

Chrome version: 26.0.1386.0  Channel: n/a
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
 

Comment 1 by fkhp...@gmail.com, Jan 22 2013

when ADSL disconnected, chrome://net-internals/#dns shows that the spicified dns server is chrome internal dns servere:
===================
Host resolver

View pending lookups
Default address family: UNSPECIFIED

View all IPv6 probe events
Async DNS Configuration

Internal DNS client enabled: true
nameservers	
[2001:470:20::2]:53
append_to_multi_label_name	false
attempts	2
edns0	false
ndots	1
num_hosts	8
rotate	false
search	
timeout	1
=================================
but when the ADSL is disconnected, ipv6 connection is not available since the ipv6 is over ipv4 by isatap.

Cc: szym@chromium.org
Labels: Internals-Network-DNS
Status: Untriaged

Comment 3 by szym@chromium.org, Jan 22 2013

Status: Assigned
Summary: Built-in DNS uses the wrong DNS server (was: --dns-server=2001:470:20::2 does not work correctly)
"--dns-server" has not been supported since r122878 (included in branch 1049), so version 19.0.1049.* and later. I suspect there's a problem with the configuration for the built-in DNS client, so I'm changing the summary to reflect that.

I'm not clear on comment #1. I suspect the problem is that we get the wrong interface binding order. I.e., we should ignore the isatap interface.

Could you run "ipconfig /all" in cmd.exe and compare the content of "DNS Servers" in the output to nameservers in chrome://net-internals/#dns 

You might need to explicitly enable the built-in DNS resolver using either "--enable-async-dns" or changing the "Built-in Asynchronous DNS" setting in chrome://flags.

I'd appreciate your help in debugging this, but if you need a quick workaround ASAP, you can disable the built-in DNS completely using the same flag as above.


Comment 4 by fkhp...@gmail.com, Jan 23 2013

C: \ Users \ Administrator> ipconfig / all

Windows IP Configuration

   Host name .............: TS08
   Primary DNS suffix ...........:
   Node Type ............: Hybrid
   IP routing enabled ..........: Yes
   WINS Proxy Enabled .........: No

The PPP adapter broadband connection:

   Connection-specific DNS Suffix .......:
   Description ...............: broadband connection
   Physical address .............:
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes
   IPv4 Address ............: 123.115.245.246 (preferred)
   Subnet Mask ............: 255.255.255.255
   Default Gateway .............: 0.0.0.0
   DNS server ...........: 202.106.195.68
   NetBIOS over TCPIP on .......: Disabled

Ethernet adapter bridge:

   Connection-specific DNS Suffix .......:
   Description ...............: MAC Bridge Miniport
   Physical Address .............: 02-50-56-C0-00-08
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes
   Link-local IPv6 Address ........: fe80 :: f447: 4761:69 b0: a89c% 16 (preferred)
   IPv4 Address ............: 192.168.0.1 (Preferred)
   Subnet Mask ............: 255.255.255.0
   IPv4 Address ............: 192.168.0.8 (Preferred)
   Subnet Mask ............: 255.255.255.0
   IPv4 Address ............: 192.168.137.1 (preferred)
   Subnet Mask ............: 255.255.255.0
   Default Gateway .............: 192.168.0.2
   DHCPv6 IAID ...........: 469901680
   The DHCPv6 client the DUID .......: 00-01-00-01-15-E5-90-2E-00-0C-29-0C-58-20
   DNS server ...........: 2001:470:20 ::
   NetBIOS over TCPIP on .......: Enabled

Ethernet adapter VMware Network Adapter VMnet1, is:

   Connection-specific DNS Suffix .......:
   Description ...............: VMware Virtual Ethernet Adapter for VMnet1
   Physical Address .........: 00-50-56-C0-00-01
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes
   Link-local IPv6 Address ........: fe80 :: d1bf: 4417: e690: 4c89% 17 (preferred)
   IPv4 Address ............: 192.168.106.1 (preferred)
   Subnet Mask ............: 255.255.255.0
   Default Gateway .............:
   DHCPv6 IAID ...........: 335564886
   The DHCPv6 client the DUID .......: 00-01-00-01-15-E5-90-2E-00-0C-29-0C-58-20
   DNS server ...........: fec0: 0:0: ffff :: 1% 1
                                       fec0: 0:0: ffff :: 2% 1
                                       fec0: 0:0: ffff :: 3% 1
   NetBIOS over TCPIP on .......: Enabled

Tunnel adapter isatap. {6F9377E6-6D7A-46FD-BAE9-1BB3857B00FD}:

   Connection-specific DNS Suffix .......:
   Description ...............: Microsoft ISATAP Adapter
   Physical Address .........: 00-00-00-00-00-00-00-E0
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes
   Link-local IPv6 Address ........: fe80 :: 200:5 efe: 123.115.245.246% 21 (preferred)
   Default Gateway .............:
   DNS server ...........: 202.106.195.68
   NetBIOS over TCPIP on .......: Disabled

Tunnel adapter IP6Tunnel:

   Media State ............: Media disconnected
   Connection-specific DNS Suffix .......:
   Description ...............: Microsoft Direct Point-to-point Adapater
   Physical Address .........: 00-00-00-00-00-00-00-E0
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes

Tunnel adapter isatap. {3A44B582-AFA7-400E-B2E3-C75785688165}:

   Connection-specific DNS Suffix .......:
   Description ...............: Microsoft ISATAP Adapter # 2
   Physical Address .........: 00-00-00-00-00-00-00-E0
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes
   Link-local IPv6 Address ........: fe80 :: 5efe: 192.168.0.1% 20 (Preferred)
   Link-local IPv6 Address ........: fe80 :: 5efe: 192.168.0.8% 20 (Preferred)
   Link-local IPv6 Address ........: fe80 :: 5efe: 192.168.137.1% 20 (Preferred)
   Default Gateway .............:
   DNS server ...........: 2001:470:20 ::
   NetBIOS over TCPIP on .......: Disabled

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix .......:
   Description ...............: Microsoft 6to4 Adapter
   Physical Address .........: 00-00-00-00-00-00-00-E0
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes
   IPv6 Address ............: 2002:7 b73: f5f6 :: 7b73: f5f6 (preferred)
   Default Gateway .........: 2002: c058: 6301 :: 1
                                       2002: c058: 6301 :: c058: 6301
   DNS server ...........: 202.106.195.68
   NetBIOS over TCPIP on .......: Disabled

Tunnel adapter isatap. {DC141DC5-9299-4167-9D51-E096C58E2166}:

   Connection-specific DNS Suffix .......:
   Description ...............: Microsoft ISATAP Adapter # 6
   Physical Address .........: 00-00-00-00-00-00-00-E0
   DHCP Enabled ...........: No
   Autoconfiguration Enabled ..........: Yes
   Default Gateway .............:
   NetBIOS over TCPIP on .......: Disabled

C: \ Users \ Administrator> regedit
I encountered a similar problem today, but on OSX 10.8 with Chrome 27.0.1425.0 dev.

I'm regularly connected to two VPNs. Chrome would for the first couple of requests use the correct DNS server for the two VPNs, but then for some reason it would try to use the regular interface's DNS server.

E.g.

* Physical interface en1 has DNS server 10.1.1.1 and search domain home.tld.
* VPN A has DNS server 192.168.1.1 and search domain foo.tld.
* VPN B has DNS server 172.16.1.1 and search domain bar.tld.

For the first couple of requests or minutes, requests for domains within foo.tld and bar.tld would be correctly routed and addresses would return normally, thus requests could be routed to the correct server and everything works normally.

After that, though, requests for domains within foo.tld and bar.tld would be sent to 10.1.1.1 and it would return a captured page IP (OpenDNS's server fail/nxdomain page). Thus, I could no longer open pages on foo.tld or bar.tld.

I disabled the internal DNS on chrome://flags and everything is working as I'd expect it to work.
Project Member

Comment 6 by bugdroid1@chromium.org, Mar 10 2013

Labels: -Internals-Network -Internals-Network-DNS Cr-Internals-Network Cr-Internals-Network-DNS

Comment 7 by szym@chromium.org, Mar 16 2013

Cc: -szym@chromium.org
Owner: szym@chromium.org
In both cases, Chrome's built-in resolver does not handle the situation where different interfaces have different DNS servers. For now, we should detect such situations and disable the built-in resolver.

On Windows, it seems the solution for this particular case could be to assemble a list of DNS servers from all the interfaces. Currently, Chrome's built-in DNS uses only the first non-loopback interface.

On OSX, Chrome uses configd which is also used by the system resolver, so I'm surprised you are seeing different behavior from Chrome and the system resolver.

I've just come across a problem running 26.0.1410.43 on OSX 10.8.2 where some domains should resolve differently through a VPN than not. Connecting to a split-horizon Cisco IPSec VPN which pushes an internal DNS server for certain domains.

* The VPN endpoint instructs the client to resolve *.example.com through a DNS server accessible via the VPN.
* foo.example.com is resolvable publicly, as well as on the VPN. It is only accessible externally from certain subnets, and resolves to an internal IP address for VPN access.
* `ping foo.example.com` behaves as expected while on and off the VPN.
* Chrome tries to connect to the same external IP address both on and off the VPN, even after clearing caches.
* bar.example.com is only resolvable via the VPN, NXDOMAIN externally.
* Chrome is able to resolve and connect to bar.example.com while connected to the VPN.

Comment 9 by je...@jessejoe.com, Aug 5 2013

+1 for chrome://flags disable internal DNS

I use /etc/resolver/domain.tld to specify DNS servers for specific domains for my VPN. This was broken on Mac lately until I disabled the internal DNS.

Comment 10 by szym@chromium.org, Aug 5 2013

Re #9. This issue describes a problem on Windows. The problem you are describing is tracked by  Issue 265970 .
I'm having similar issues with Chrome on Mac OS. Whenever I dial into the VPN I have to flush the DNS cache. Otherwise it won't find any hosts on the VPN. Sometime even flushing won't help and I need to restart Chrome.
Confirm on ChromeOS too. The chrome client does not follow the nameserver in /etc/resolv.conf, and even flushing dns cache under chrome://net-internals/#dns doesn't load the new one.
only when disabling async DNS it will work.

Comment 13 by laforge@google.com, Jul 23 2015

Owner: ttuttle@chromium.org
Had a quick discussion w/ Chris, redirecting szym@'s issues to ttuttle@ to help ensure that they get triaged.

@Thomas, thanks in advance for helping out.
Labels: Hotlist-Recharge
This issue likely requires triage.  The current issue owner may be inactive (i.e. hasn't fixed an issue in the last 30 days or commented in this particular issue in the last 90 days).  Thanks for helping out!

-Anthony
Owner: juliatut...@chromium.org
Is this _ever_ going to get fixed?  In classic Google form I see that the way to address the problem was to simply remove the flag from the available config options, so now users don't even have the ability to over-ride.
Owner: ----
Status: Available (was: Assigned)
Owner: mge...@chromium.org
So sad that this shitty behavior still not fixed. All browsers are using local DNS while chromium-based browsers is "clever" enough to ignore it. Can't even disable internal DNS without recompiling chromium! omg!
Components: -Internals>Network
Removing Internals>Network to get off triager's radar, given that this is a DNS bug.

How on earth is Google's decision to remove user control of Chrome's internal DNS a "DNS bug"??

FFS people - you REMOVED A WORKING FEATURE and are now blaming it on a DNS bug??

Here's a thought - how about you think about removing Chrome doing it's own DNS???  That would seem to address this """DNS Bug"""


Summary: Built-in DNS uses the wrong DNS server on Windows (was: Built-in DNS uses the wrong DNS server)
Changing bug title to reflect the scope of this particular issue. Configuration issues on other platforms are tracked in separate bugs. Note that the async resolver is not currently used on Windows, so this bug is only kept around in case we decide to enable it in the future.
Owner: ----

Sign in to add a comment