Error when running sudo systemctl status dnscrypt-proxy.service

[aberthil]

Operating System

Raspberry Pi

Architecture

64-bit

Platform

Linux

Project

DNScrypt

Browser

Firefox

Issue

Other (explain in description)

Issue Description

I get the error message when running sudo systemctl status dnscrypt-proxy.service
alexis@raspberrypi:~ $ sudo systemctl status dnscrypt-proxy.service
● dnscrypt-proxy.service - Encrypted/authenticated DNS proxy
Loaded: loaded (/etc/systemd/system/dnscrypt-proxy.service; enabled; preset: enabled)
Active: active (running) since Sun 2024-10-06 11:04:39 PDT; 4min 4s ago
Main PID: 814338 (dnscrypt-proxy)
Tasks: 10 (limit: 9247)
CPU: 128ms
CGroup: /system.slice/dnscrypt-proxy.service
└─814338 /opt/linux-arm64/dnscrypt-proxy -config dnscrypt-proxy.toml

Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [NOTICE] Now listening to [::1]:5333 [TCP]
Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [NOTICE] Source [odoh-relays] loaded
Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [NOTICE] Source [public-resolvers] loaded
Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [NOTICE] Source [relays] loaded
Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [NOTICE] Source [odoh-servers] loaded
Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [NOTICE] Firefox workaround initialized
Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [ERROR] Get "https://[2606:4700:4700::1111]/dns-query?dns=yv4BAAABAAAAAAABAAACAAEAACkQAAAAAAAAFAAMABDqOciNgMU6rPZ48BH8cb7e": dial tcp [2606:4700:4700:>
Oct 06 11:04:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:04:39] [NOTICE] dnscrypt-proxy is waiting for at least one server to be reachable
Oct 06 11:07:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:07:39] [NOTICE] [cloudflare] OK (DoH) - rtt: 32ms
Oct 06 11:07:39 raspberrypi dnscrypt-proxy[814338]: [2024-10-06 11:07:39] [NOTICE] Server with the lowest initial latency: cloudflare (rtt: 32ms)

Is that an issue or can I move on to the next step in the process?
I changed the port to 5333 since I have to use Avahi for my homebridge server, it should not change anything there anyhow, right?

[welcome]

Thanks for opening your first issue here 🙋🕵️

[trinib]

Error message:

The error you received: Get "https://[2606:4700:4700::1111]/dns-query... dial tcp [2606:4700:4700::1111]... indicates that the dnscrypt-proxy encountered a problem when trying to reach Cloudflare's DNS server via IPv6. This could be due to network connectivity issues (e.g., no IPv6 route), or the server being temporarily unreachable via IPv6.

Resolution:

After this error, you can see the log entry at 11:07:39 confirming that the proxy successfully reached Cloudflare's DoH (DNS over HTTPS) server using IPv4: [NOTICE] [cloudflare] OK (DoH) - rtt: 32ms.
The proxy has recovered and established a connection, so it's functioning normally now.

Port change:

Changing the port to 5333 for dnscrypt-proxy shouldn't cause any issues as long as your system is configured to query DNS on that port. Make sure any other software (like Avahi or Homebridge) or system-level DNS settings are aware of the change and are correctly forwarding DNS queries to localhost:5333 instead of the default port (53).
It's important to check /etc/resolv.conf or equivalent DNS settings to ensure the system points to the correct port and address for DNS resolution, such as 127.0.0.1:5333.

Can you move on?

It looks like the service is active and has resolved the issue with Cloudflare’s DoH server. You can move forward to the next step in your process, but just keep an eye on the logs in case the IPv6 connectivity issue arises again.

If IPv6 is not required in your setup, you could also disable IPv6 usage in the dnscrypt-proxy.toml configuration to avoid such errors.

[aberthil]

Perfect, since the DNS system is working fine, let's not worry about this.