Hi,
I've been seeing a similar issue over the last few weeks, although I unfortunately cannot pinpoint exactly when they started happening anymore - I did however update Viscosity to 1.9 (and as of a few days ago, to the latest beta) recently, so the timing might coincide.
Same as dkaczmark, I'm seeing intermittent DNS resolution issues while using Viscosity, although mine strangely enough seem to be limited to anything related to Microsoft domains (I've been working quite a bit with Azure/Microsoft Logins, so that's where I mostly noticed it).
Usually, Chrome would complain about not being able to resolve e.g. login.microsoftonline.com, refresh 2 times, then suddenly succeed in resolving the domain and load the page. During login, Microsoft redirects to a different domain, which again would fail to resolve twice, then suddenly load.
After these domains resolve, I can usually use them for a minute or two (have not actually timed, just what it feels like) before they fail to resolve again, although that part seems a bit hard to reproduce - sometimes I can navigate websites using the "troublesome" domains for minutes, sometimes for hours.
My current setup:
OS
Microsoft Windows 10 Pro Version 20H2 (OS Build 19042.685)
.NET Framework Version 4.8.04084.528372
IPv4 DNS server (pihole): 192.168.178.2:53
IPv6 DNS server (pihole): [<PIHOLE_IPV6_ADDRESS>]:53
Dual stack setup, both IPv4 and IPv6 connectivity available
Viscosity
Viscosity Windows 1.9.1 (1698) Beta3
Adapter Type: Viscosity Virtual Adapter
OpenVPN 2.4.10 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [AEAD] built on Dec 10 2020
OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10
VPN server
IPv4 connection only, no IPv6 IP assigned
Several routes pushed, although none are related to Microsoft domains/IPs or conflict with local IP ranges
Split DNS config with single search domain pushed by server
Code:
Dec 17 11:31:57 AM: DNS set to Split, report follows:
Server - [<PIHOLE_IPV6_ADDRESS>]:53; Lookup Type - Any; Domains - fritz.box.
Server - 192.168.178.2:53; Lookup Type - Any; Domains - fritz.box.
Server - 9.9.9.9:53; Lookup Type - Split; Domains - <companydomain.at>.; Server is not reachable and will not be used.
Server - 1.1.1.1:53; Lookup Type - Split; Domains - <companydomain.at>.; Server is not reachable and will not be used.
Dec 17 11:31:57 AM: State changed to Connected
Dec 17 11:31:58 AM: DNS has been updated:
Server - [<PIHOLE_IPV6_ADDRESS>]:53; Lookup Type - Any; Domains - fritz.box.
Server - 192.168.178.2:53; Lookup Type - Any; Domains - fritz.box.
Server - 9.9.9.9:53; Lookup Type - Split; Domains - <companydomain.at>.
Server - 1.1.1.1:53; Lookup Type - Split; Domains - <companydomain.at>.
Up until around last week, I was using the stable version of Viscosity, although I do not have the exact version number anymore. As I originally noticed my DNS issues there, I updated to the latest beta in the hopes a fix might've been in testing already.
Until this morning, my adapter type was set to "OpenVPN TAP Adapter (Legacy)", after finding this thread, I changed the setting and re-created the connection to test whether that might fix my issues - unfortunately they still persist.
My computer has been cold booted multiple times - last of this morning - since these issues have been occurring.
I've tried reproducing the issue with nslookup with similar results as dkaczmark.
I am sometimes seeing nslookup run into two DNS request timeouts before being able to resolve the domain, although as of lately, nslookup often just seems to "hang" indefinitely or return an "Unspecified" error. Re-trying the query afterwards either results in another hangup/error or successfully resolves the domain.
Code:
C:\Users\nickm>nslookup login.microsoftonline.com.
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
*** Viscosity can't find login.microsoftonline.com.: Unspecified error
C:\Users\nickm>nslookup login.microsoftonline.com.
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
Non-authoritative answer:
Name: www.tm.a.prd.aadg.akadns.net
Addresses: 40.126.1.144
40.126.1.143
20.190.129.16
40.126.1.139
40.126.1.135
20.190.129.18
40.126.1.165
20.190.129.134
Aliases: login.microsoftonline.com
a.privatelink.msidentity.com
prda.aadg.msidentity.com
C:\Users\nickm>nslookup login.microsoftonline.com.
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
Non-authoritative answer:
Name: www.tm.a.prd.aadg.akadns.net
Addresses: 20.190.129.134
40.126.1.144
40.126.1.143
20.190.129.16
40.126.1.139
40.126.1.135
20.190.129.18
40.126.1.165
Aliases: login.microsoftonline.com
a.privatelink.msidentity.com
prda.aadg.msidentity.com
I've also tried supplying the -debug flag to nslookup in the hope of gaining some additional information, but all that showed (at least to me) was it receiving a truncated answer:
Code:
C:\Users\nickm>nslookup -debug login.microsoftonline.com.
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa
name = Viscosity
ttl = 32000000 (370 days 8 hours 53 mins 20 secs)
------------
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
truncated answer
^C
C:\Users\nickm>nslookup -debug login.microsoftonline.com.
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa
name = Viscosity
ttl = 32000000 (370 days 8 hours 53 mins 20 secs)
------------
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
truncated answer
^C
C:\Users\nickm>nslookup -debug login.microsoftonline.com. <PIHOLE_IPV6_ADDRESS>
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.6.6.9.d.b.2.d.1.7.8.f.6.2.e.f.e.5.5.3.a.5.2.0.1.7.8.0.1.0.0.2.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.6.6.9.d.b.2.d.1.7.8.f.6.2.e.f.e.5.5.3.a.5.2.0.1.7.8.0.1.0.0.2.ip6.arpa
name = rpi4
ttl = 2 (2 secs)
------------
Server: rpi4
Address: <PIHOLE_IPV6_ADDRESS>
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 11, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = A, class = IN
ANSWERS:
-> login.microsoftonline.com
canonical name = a.privatelink.msidentity.com
ttl = 12 (12 secs)
-> a.privatelink.msidentity.com
canonical name = prda.aadg.msidentity.com
ttl = 12 (12 secs)
-> prda.aadg.msidentity.com
canonical name = www.tm.a.prd.aadg.akadns.net
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.129.1
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.143
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.135
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.129.129
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.167
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.165
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.144
ttl = 12 (12 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.129
ttl = 12 (12 secs)
------------
Non-authoritative answer:
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = AAAA, class = IN
------------
Name: www.tm.a.prd.aadg.akadns.net
Addresses: 20.190.129.1
40.126.1.143
40.126.1.135
20.190.129.129
40.126.1.167
40.126.1.165
40.126.1.144
40.126.1.129
Aliases: login.microsoftonline.com
a.privatelink.msidentity.com
prda.aadg.msidentity.com
C:\Users\nickm>nslookup -debug login.microsoftonline.com.
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa
name = Viscosity
ttl = 32000000 (370 days 8 hours 53 mins 20 secs)
------------
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 11, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = A, class = IN
ANSWERS:
-> login.microsoftonline.com
canonical name = a.privatelink.msidentity.com
ttl = 4 (4 secs)
-> a.privatelink.msidentity.com
canonical name = prda.aadg.msidentity.com
ttl = 4 (4 secs)
-> prda.aadg.msidentity.com
canonical name = www.tm.a.prd.aadg.akadns.net
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.129
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.129.1
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.143
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.135
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.129.129
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.167
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.165
ttl = 4 (4 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.1.144
ttl = 4 (4 secs)
------------
Non-authoritative answer:
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = AAAA, class = IN
------------
Name: www.tm.a.prd.aadg.akadns.net
Addresses: 40.126.1.129
20.190.129.1
40.126.1.143
40.126.1.135
20.190.129.129
40.126.1.167
40.126.1.165
40.126.1.144
Aliases: login.microsoftonline.com
a.privatelink.msidentity.com
prda.aadg.msidentity.com
I waited around 30s after each of the two first requests before cancelling them. After I queried my pihole server directly (or any other external server, 1.1.1.1 works just fine as well for that), attempting another query without a DNS server specified completes immediately, although I assume it might just be retrieved from cache.
I have also attempted the same omitting the "." after the TLD, thus including search domains with similar results, as expected.
Code:
C:\Users\nickm>nslookup -debug login.microsoftonline.com
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa
name = Viscosity
ttl = 32000000 (370 days 8 hours 53 mins 20 secs)
------------
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = A, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = AAAA, class = IN
------------
truncated answer
read failed: No error
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = AAAA, class = IN
------------
*** Viscosity can't find login.microsoftonline.com: Unspecified error
C:\Users\nickm>nslookup -debug login.microsoftonline.com
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa
name = Viscosity
ttl = 32000000 (370 days 8 hours 53 mins 20 secs)
------------
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = A, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = AAAA, class = IN
------------
truncated answer
^C
C:\Users\nickm>nslookup -debug login.microsoftonline.com <PIHOLE_IPV6_ADDRESS>
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.6.6.9.d.b.2.d.1.7.8.f.6.2.e.f.e.5.5.3.a.5.2.0.1.7.8.0.1.0.0.2.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.6.6.9.d.b.2.d.1.7.8.f.6.2.e.f.e.5.5.3.a.5.2.0.1.7.8.0.1.0.0.2.ip6.arpa
name = rpi4
ttl = 2 (2 secs)
------------
Server: rpi4
Address: <PIHOLE_IPV6_ADDRESS>
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = A, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = AAAA, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 11, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = A, class = IN
ANSWERS:
-> login.microsoftonline.com
canonical name = a.privatelink.msidentity.com
ttl = 13 (13 secs)
-> a.privatelink.msidentity.com
canonical name = prda.aadg.msidentity.com
ttl = 13 (13 secs)
-> prda.aadg.msidentity.com
canonical name = www.tm.a.prd.aadg.akadns.net
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.72
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.97
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.76
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.7
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.5
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.72
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.76
ttl = 13 (13 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.65
ttl = 13 (13 secs)
------------
Non-authoritative answer:
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = AAAA, class = IN
------------
Name: www.tm.a.prd.aadg.akadns.net
Addresses: 20.190.137.72
20.190.137.97
20.190.137.76
20.190.137.7
40.126.9.5
40.126.9.72
40.126.9.76
40.126.9.65
Aliases: login.microsoftonline.com
a.privatelink.msidentity.com
prda.aadg.msidentity.com
C:\Users\nickm>nslookup -debug login.microsoftonline.com
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa, type = PTR, class = IN
ANSWERS:
-> 3.5.e.4.4.4.3.7.9.6.6.5.3.7.2.6.1.6.c.4.b.6.2.7.1.6.0.7.3.5.d.f.ip6.arpa
name = Viscosity
ttl = 32000000 (370 days 8 hours 53 mins 20 secs)
------------
Server: Viscosity
Address: fd53:7061:726b:4c61:6273:5669:7344:4e53
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = A, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com.fritz.box, type = AAAA, class = IN
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 11, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = A, class = IN
ANSWERS:
-> login.microsoftonline.com
canonical name = a.privatelink.msidentity.com
ttl = 11 (11 secs)
-> a.privatelink.msidentity.com
canonical name = prda.aadg.msidentity.com
ttl = 11 (11 secs)
-> prda.aadg.msidentity.com
canonical name = www.tm.a.prd.aadg.akadns.net
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.65
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.72
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.97
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.76
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 20.190.137.7
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.5
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.72
ttl = 11 (11 secs)
-> www.tm.a.prd.aadg.akadns.net
internet address = 40.126.9.76
ttl = 11 (11 secs)
------------
Non-authoritative answer:
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
login.microsoftonline.com, type = AAAA, class = IN
------------
Name: www.tm.a.prd.aadg.akadns.net
Addresses: 40.126.9.65
20.190.137.72
20.190.137.97
20.190.137.76
20.190.137.7
40.126.9.5
40.126.9.72
40.126.9.76
Aliases: login.microsoftonline.com
a.privatelink.msidentity.com
prda.aadg.msidentity.com
Once Viscosity is disabled/the adapter is disconnected, I'm no longer seeing issues with the mentioned domains, so I'm fairly certain there should be nothing interfering from my regular DNS/pihole setup, although I'm happy to run any other tests that might prove helpful to try and track this issue.
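A triage helper for transcripts like the ones in the post above, as an added example that is not part of the original post: it parses nslookup -debug output, lists each response's id, rcode and question, and reports gaps in the query id sequence next to markers such as "truncated answer". The sample transcript is constructed to mirror the shape of the first failing run without the trailing dot; reading an id gap as a query whose response was never printed is an assumption based on the sequential ids visible in that output, and the function names are hypothetical.

```python
import re

# Constructed sample, condensed from the shape of a failing run in the post
# (the ip6.arpa name is shortened; only the lines the parser needs are kept).
SAMPLE = """\
opcode = QUERY, id = 1, rcode = NOERROR
questions = 1, answers = 1, authority records = 0, additional = 0
3.5.e.4.ip6.arpa, type = PTR, class = IN
opcode = QUERY, id = 2, rcode = NXDOMAIN
questions = 1, answers = 0, authority records = 0, additional = 0
login.microsoftonline.com.fritz.box, type = A, class = IN
opcode = QUERY, id = 3, rcode = NXDOMAIN
questions = 1, answers = 0, authority records = 0, additional = 0
login.microsoftonline.com.fritz.box, type = AAAA, class = IN
truncated answer
read failed: No error
opcode = QUERY, id = 5, rcode = NOERROR
questions = 1, answers = 0, authority records = 0, additional = 0
login.microsoftonline.com, type = AAAA, class = IN
*** Viscosity can't find login.microsoftonline.com: Unspecified error
"""

HEADER_RE = re.compile(r"id = (\d+), rcode = (\w+)")
COUNT_RE = re.compile(r"\banswers = (\d+)")
QUESTION_RE = re.compile(r"^\s*(\S+), type = (\w+), class = \w+")
MARKERS = ("truncated answer", "read failed", "Unspecified error")

def parse_debug(transcript):
    """Return (responses, markers) for ONE nslookup -debug invocation."""
    responses, markers = [], []
    for line in transcript.splitlines():
        header = HEADER_RE.search(line)
        if header:  # a new "Got answer" block starts at its header line
            responses.append({"id": int(header.group(1)), "rcode": header.group(2),
                              "answers": None, "qname": None, "qtype": None})
            continue
        last = responses[-1] if responses else None
        count = COUNT_RE.search(line)
        question = QUESTION_RE.match(line)
        if last and count and last["answers"] is None:
            last["answers"] = int(count.group(1))
        elif last and question and last["qname"] is None:
            last["qname"], last["qtype"] = question.group(1), question.group(2)
        for marker in MARKERS:
            if marker in line:  # remember which response the marker followed
                markers.append((marker, last["id"] if last else None))
    return responses, markers

def missing_ids(responses):
    """Query ids in 1..max that have no printed response (assumed failed)."""
    seen = {r["id"] for r in responses}
    return sorted(set(range(1, max(seen, default=0) + 1)) - seen)

if __name__ == "__main__":
    responses, markers = parse_debug(SAMPLE)
    for r in responses:
        print(r["id"], r["rcode"], r["qtype"], r["qname"], "answers:", r["answers"])
    print("ids with no printed response:", missing_ids(responses))
    for text, after in markers:
        print(f"marker {text!r} seen after response id {after}")
```

Feed it one invocation at a time, since the ids restart at 1 for every nslookup run.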