DNS always set to :: 127.0.0.1

Got a problem with Viscosity or need help? Ask here!

doffactory

Posts: 11
Joined: Wed Jul 19, 2017 7:33 pm

Post by doffactory » Wed Jul 19, 2017 8:07 pm
I have this strange issue with the newest Viscosity (ver 1.7.3. 1521) on Windows 10 latest edition. Whenever I try to set a DNS server in the app, the connection goes fine, but the DNS is always set to :: (IPv6) and 127.0.0.1 (IPv4). Naturally, I want to have Full DNS forwarding. I tried all the settings, no luck. Can somebody help?

On server side I have enabled DNS advertising.

On Client side I have set Send all traffic over VPN, and in DNS I have set Full DNS. Nothing seems to work, except when I Disable the DNS in Viscosity, or I tick the box Use Windows DNS System for Full DNS. I have a feeling the issue is with Windows 10 and how it handles DNS, as it all works fine with Linux and macOS.

Logs below:
Code: Select all
Jul 19 12:03:20: State changed to Connecting
Jul 19 12:03:20: Viscosity Windows 1.7.3 (1521)
Jul 19 12:03:20: Running on Microsoft Windows 10 Pro
Jul 19 12:03:20: Bringing up interface...
Jul 19 12:03:20: Checking reachability status of connection...
Jul 19 12:03:20: Connection is not reachable. Disconnecting.
Jul 19 12:03:20: State changed to Disconnected
Jul 19 12:03:25: State changed to Connecting
Jul 19 12:03:25: Viscosity Windows 1.7.3 (1521)
Jul 19 12:03:25: Running on Microsoft Windows 10 Pro
Jul 19 12:03:25: Bringing up interface...
Jul 19 12:03:25: Checking reachability status of connection...
Jul 19 12:03:25: Connection is reachable. Starting connection attempt.
Jul 19 12:03:25: OpenVPN 2.4.3 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 21 2017
Jul 19 12:03:25: library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.09
Jul 19 12:03:25: TCP/UDP: Preserving recently used remote address: [AF_INET]***redacted***:1194
Jul 19 12:03:25: UDPv4 link local: (not bound)
Jul 19 12:03:25: UDPv4 link remote: [AF_INET]***redacted***:1194
Jul 19 12:03:26: State changed to Authenticating
Jul 19 12:03:26: [server] Peer Connection Initiated with [AF_INET]***redacted***:1194
Jul 19 12:03:27: State changed to Connecting
Jul 19 12:03:27: open_tun
Jul 19 12:03:27: TAP-WIN32 device [antik.sk1] opened: \\.\Global\{8CC2EB0C-266D-403A-8213-C193D8B51F47}.tap
Jul 19 12:03:27: Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {8CC2EB0C-266D-403A-8213-C193D8B51F47} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Jul 19 12:03:27: Successful ARP Flush on interface [51] {8CC2EB0C-266D-403A-8213-C193D8B51F47}
Jul 19 12:03:27: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Jul 19 12:03:32: Initialization Sequence Completed
Jul 19 12:03:32: DNS set to Full:
Server - 192.168.0.1:53; Lookup Type - Any; Domains - RouterDK.
Server - 88.212.8.8:53; Lookup Type - Any; Domains - RouterDK.
Server - 88.212.8.88:53; Lookup Type - Any; Domains - RouterDK.

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Thu Jul 20, 2017 1:10 pm
Hi doffactory,

This is normal behaviour for Viscosity. Viscosity uses it's own internal DNS system for Split and Full DNS to prevent leaks, loopback (::1 and 127.0.0.1) is set to enable this. The option you found is to disable this behaviour if it is unwanted.

With Full DNS enabled and using the Viscosity DNS system, what exactly isn't working? Are you able to resolve host names using nslookup from command line? Please keep in mind using this that local DNS lookups for your home network will not longer work, you will need to use Split DNS or a local DNS server.

Please see the following for more information - http://sparklabs.com/support/kb/article ... #dns-modes

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

doffactory

Posts: 11
Joined: Wed Jul 19, 2017 7:33 pm

Post by doffactory » Thu Jul 20, 2017 11:57 pm
Hi Eric,

Thanks for getting back to me. I had a hell of a time setting this VPN up. The thing was even more frustrating as the openvpn server (Linux) was nicely operating with both a macOS client as well as with another Linux client. I finally made it working, without a DNS leak. For me the most important thing was to set the following on the openvpn server:
Code: Select all
push "redirect-gateway def1"
push "dhcp-option DNS xxx.xxx.xxx.xxx"
push "dhcp-option DNS xxx.xxx.xxx.xxx"
keepalive 10 120
On Windows 10 I had to reset all the Firewall rules to default. Sounds crazy but the slightest change completely ruined all the connections. I will need to study the functionalities of this super-counter-intuitive Win Firewall properly.

Finally, in Viscosity the settings under Edit Connection > Networking > All traffic - Automatic (Set by server) + DNS Mode Automatic (Default). I also enabled in the Advanced setting to Block IPv6 when IPv4 is on. After all these it started to work. Whew.

BTW, I think I found a bug in the app. If one sets under the Authentication tab the Tls-auth file, you cannot change the Direction anymore. Even if you save it let's say changing from 0 to 1, it goes back to the original value (0) that has been saved the 1st time. If one wants to change it, you have to remove first the file, change the Direction value, and then add the file again.

Another suggestion: HiDPI screens are starting to be really a standard, it would be great to have a fronted overhaul for us lucky ones, together with the dock icon. :shock: :mrgreen:

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Fri Jul 21, 2017 11:50 am
Hi doffactory,

Thanks for the feedback, and we will investigate that bug.

In regards to high DPI scaling, the majority of Viscosity is now using high DPI images and should look quite sharp on a 4k screen. Some of the system tray icon sets are high DPI as well, some are not, so try a few different ones there. If the entire app looks fuzzy or stretched, we have had a report like this once before and it means Windows is using XP style scaling on Viscosity, however we're unsure how to resolve that issue.

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

doffactory

Posts: 11
Joined: Wed Jul 19, 2017 7:33 pm

Post by doffactory » Fri Jul 21, 2017 9:00 pm
Hi Eric,

Thanks for getting back to me. Regarding the HiDPI feature, you are right, the app itself looks good. I just personally found the colors (the grey tone) of the app a bit "old-school", if I may say so. Looks a bit odd with the new Windows 10. Also, if one checks for updates, the resulting window, saying there are no updates, is rather small and with a different font compared with the rest of the app.

Regarding the tray icons, I just noticed a strange pixelization in the Windows 10 > tray notification enabler, when the Viscosity icon was looking odd. Am I right that it is due to the lack of some SVG features, or what format is Windows 10 using exactly? I would personally prefer a much stronger visibility of the connection. I have set Viscosity on the Leopard Colored theme, the other options are just not so well visible – especially compared to the Windows 10 native monochrome tray icons. However, even the Leopard Colored is smaller than the native Windows 10 monochrome icons.

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Mon Jul 24, 2017 8:12 am
Hi doffactory,

Viscosity's UI was designed when Windows 7 was relatively new, so it is a bit dated. There are much newer ways to design interfaces for Windows 10 but unfortunately they don't work on Windows 7 which is still a huge portion of the Windows market share still. A new UI is on our to-do list though!

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
6 posts Page 1 of 1