Viscosity keeps resolving hostname to same IP

Got a problem with Viscosity or need help? Ask here!

MorpheusX

Posts: 11
Joined: Sat Mar 02, 2013 2:04 am

Post by MorpheusX » Thu Nov 28, 2013 6:18 am
I've run into a quite weird problem with Viscosity lately (using Viscosity 1.4.7 (1216) on Windows 8.1 Pro):

I'm using a VPN package from proxy.sh and have set up multiple connections to several of their servers (e.g. Netherlands, Germany, Austria, etc...) which all use hostnames to round-robin through their VPN nodes (e.g. at.proxy.sh, nl.proxy.sh, etc...).
I'm running Viscosity on boot and have it connect to one of the connections automatically. After some time, I could not connect to my "Netherlands connection" anymore since Viscosity started resolving the hostname to one single IP all the time (and that IP happened to be exactly the one that was offline at that time). I've tried flushing the DNS cache of my computer and my router, switching to different DNS servers and restarting computer and network configuration multiple times, all without any improvement. Running a "nslookup" for the affected domain during this period would always return all entries and perform the round-robin for the "primary" entry properly.

Since I didn't know how to solve this problem, I just switched my autoconnect-node to a different country and carried on. Right now, this problem has occurred once again though, preventing me from using the second connection, the first one is working properly again though (DNS being resolved just fine now).

Unfortunately, there's nothing much to indicate this problem in the logs (connection test runs fine, DNS gets resolved and connection gets attempted, however the resolved IP never changes, no matter how many times I re-connect for flush my DNS cache).

Would you have any idea what could cause a behavior like this?

Thanks in advance!

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Thu Nov 28, 2013 1:42 pm
Hi MorpheusX,

That's an interesting one. While we do connection testing, we do still leave it to OpenVPN to resolve IP addresses from a DNS name to connect to. It sounds like OpenVPN is doing something odd with caching the DNS lookup, which we will have a look into to see if we can reproduce.

In the mean time however, there is a command you can add that might solve the problem. Edit your connection, go to the Advanced tab, and under Advanced commands on a new line add the following:

remote-random-hostname

This will randomise a host name for your server which should prevent OpenVPN caching and reusing the same IP address constantly. Let us know if it helps.

Regards,

Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

MorpheusX

Posts: 11
Joined: Sat Mar 02, 2013 2:04 am

Post by MorpheusX » Fri Nov 29, 2013 8:43 pm
Hi Eric,

thanks for the quick response.
I've added the command to the configuration and it does indeed change the behaviour. However, since the currently "buggy" connection just has 2 servers, the randomisation could be a bit "non-random", since I'm always seeing the second IP being resolved now :lol:
I'll play around with it a bit more in the next days and will let you know if I figure something out.

Thanks!

MorpheusX

Posts: 11
Joined: Sat Mar 02, 2013 2:04 am

Post by MorpheusX » Wed Dec 11, 2013 9:07 am
I've had something similar appear again and tried the "remote-random-hostname" option you've mentioned.

I'm trying to connect to proxy.sh's Netherlands hub (nl.proxy.sh) which contains the following IPs according to a simple nslookup:

Address: 94.102.55.186
Address: 95.47.140.174
Address: 95.47.153.151
Address: 109.202.103.181
Address: 109.236.83.125
Address: 151.236.14.204
Address: 176.56.238.201
Address: 178.239.55.125
Address: 198.20.101.69
Address: 212.7.194.208
Address: 5.255.80.29
Address: 5.255.80.80
Address: 46.19.35.11
Address: 46.21.145.229
Address: 46.23.72.161
Address: 46.23.72.209
Address: 46.249.58.53
Address: 89.233.106.73
Address: 89.233.106.251

Viscosity initially tries to connect to 198.20.101.69 (which is a valid entry in that list, but refuses connections for some reason, I'll check about this with the proxy.sh staff), but again won't respect the usual round-robin of the domain name.
I thus added the "remote-random-hostname" setting to the connection and tried again.
This time, Viscosity would always try to connect to 85.17.94.159, which isn't even listed in the most recent domain entry for "nl.proxy.sh" anymore and thus obviously also gets rejected. Trying to reconnect a few times always yields in connects to this one IP.
Performing DNS flushes on my router or computer didn't help either, removing the extra setting makes it jump back to the original IP instantly again.

Any other ideas what could cause this weird behaviour (probably caused by OpenVPN as you've hinted)?
If needed, I can send you the connection log, although that just contains the unsuccessful connection attempts.

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Wed Dec 11, 2013 7:19 pm
Hi MorpheusX,

We've had a closer look and it looks like the problem is combination of OpenVPN and Windows.

Under Linux or Mac, when a DNS name is resolved, it will return a list of IP Addresses like Windows will. But when you do a resolution again, it will (depending on distro) either move the IP Address a the top of the list from the last resolution to the bottom, or randomise the list. OpenVPN leaves the resolution completely to the OS, but will always take the first IP address in the list to try and resolve too.

Windows unfortunately does not do this. No matter what you do to the DNS Cache, it will return that IP list in exactly the same order. We will certainly have a look at a work around for this in a future version of Viscosity, most likely in the form of an option to let Viscosity resolve and randomise the list itself, unfortunately this won't be something in the next update though.

In the mean time there is only really one option to get a genuinely randomised IP each time, and that is to add all the IPs to your connection (Edit the connection, then add the IPs as a comma separated list under Address), and then add 'remote-random' to the Advanced commands section which will randomise the order of the servers each time you connect. This will take the DNS resolution away from Windows completely and allow you to connect to a random server each time.

If you don't want to rely on IP addresses though, you might find if you query your VPN Provider that each one of those IP address has it's own DNS name as well (for example server1.proxy.sh, server2.proxy.sh, etc) that you could add to the configuration instead of IP addresses.

Sorry we can't provide an easy fix for this right now, but we will certainly have a good look into it.

Regards,

Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

MorpheusX

Posts: 11
Joined: Sat Mar 02, 2013 2:04 am

Post by MorpheusX » Wed Dec 11, 2013 7:28 pm
Hello Eric,

thanks for the reply and insight! Greatly appreciated you're looking into a possible fix for future versions, I'll just switch to using IPs or will use one of my other connections again until those break too :lol:

Thanks for the help anyways!
6 posts Page 1 of 1