Nordvpn-bin and steamclient

relefat · 11 November 2023 10:16

I did that, to no avail. Same issue on a fresh manjaro install.

Nov 11 10:14:08 DESKTOPPC systemd-resolved[589]: enp0s31f6: Bus client set default route setting: yes
Nov 11 10:14:08 DESKTOPPC systemd-resolved[589]: enp0s31f6: Bus client set DNS server list to: fe80::1
Nov 11 10:14:09 DESKTOPPC systemd-resolved[589]: **/etc/hosts:7: hostname "DESKTOP_PC" is not valid, ignoring.**
Nov 11 10:14:09 DESKTOPPC systemd-resolved[589]: **/etc/hosts:7: line is missing any valid hostnames**
Nov 11 10:14:09 DESKTOPPC systemd-resolved[589]: enp0s31f6: Bus client set DNS server list to: 192.168.0.1, fe80::1
Nov 11 10:14:39 DESKTOPPC systemd-resolved[589]: nordlynx: Bus client set DNS server list to: 103.86.96.100, 103.86.99.100
Nov 11 10:14:39 DESKTOPPC systemd-resolved[589]: nordlynx: Bus client set search domain list to: ~.
Nov 11 10:14:39 DESKTOPPC systemd-resolved[589]: nordlynx: Bus client set DNSSEC setting: allow-downgrade
Nov 11 10:14:39 DESKTOPPC systemd-resolved[589]: Flushed all caches.
Nov 11 10:14:58 DESKTOPPC systemd-resolved[589]: Flushed all caches.

my /etc/hosts file HAS my PC name in it, wonder if it has to do with the underscore?

# Standard host addresses
127.0.0.1  localhost
::1        localhost ip6-localhost ip6-loopback
ff02::1    ip6-allnodes
ff02::2    ip6-allrouters
# This host address
127.0.1.1  DESKTOP_PC

linux-aarhus · 11 November 2023 10:23

Usually a hostname are all lower case - same rule as username - no leading digit, only alfanumeric ascii charaters, digits and dash is allowed.

A valid hostname is desktop-pc - and hostnames are not allowed to be duplicate on a network - just the same as IP addresses they are unique identifiers.

Edit /etc/hostname to match the name in /etc/hosts - using the mentioned rule - then restart your system.

man nordvpn

My nordvpn settings

 $ nordvpn settings
Technology: NORDLYNX
Firewall: enabled
Firewall Mark: 0xe1f1
Routing: enabled
Analytics: enabled
Kill Switch: disabled
Threat Protection Lite: disabled
Notify: enabled
Auto-connect: disabled
IPv6: disabled
Meshnet: disabled
DNS: disabled
LAN Discovery: disabled

relefat · 11 November 2023 10:35

my settings are the same except for the DNS:

Technology: NORDLYNX
Firewall: enabled
Firewall Mark: 0xe1f1
Routing: enabled
Analytics: enabled
Kill Switch: disabled
Threat Protection Lite: disabled
Notify: enabled
Auto-connect: disabled
IPv6: disabled
Meshnet: disabled
DNS: 103.86.96.100, 103.86.99.100
LAN Discovery: disabled

Those are Nord’s recommended DNS, I can ping google.com under ubuntu but not under manjaro using those same DNS. I can still open other websites, just not google.com, which is very strange to put it mildly but considering it is working on ubuntu, I’d say there’s something wrong with my system, possibly even the nordvpn-bin aur package.

linux-aarhus · 11 November 2023 10:39

But you shouldn’t set those manually anywhere - this will be used when you are connected - otherwise you use your ISP or a local dns.

When you are connected to nordvpn - the DNS resolvers are set to nordvpn

Sample flow

 $ nordvpn c dk
Connecting to Denmark #245 (dk245.nordvpn.com)
You are connected to Denmark #245 (dk245.nordvpn.com)!

 $ nordvpn settings
Technology: NORDLYNX
Firewall: enabled
Firewall Mark: 0xe1f1
Routing: enabled
Analytics: enabled
Kill Switch: disabled
Threat Protection Lite: disabled
Notify: enabled
Auto-connect: disabled
IPv6: disabled
Meshnet: disabled
DNS: disabled
LAN Discovery: disabled

 $ resolvectl status
Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google
                      2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net
                      2001:4860:4860::8888#dns.google

Link 2 (enp1s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 172.30.30.4
       DNS Servers: 172.30.30.4

Link 3 (vboxnet0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 4 (nordlynx)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
Current DNS Server: 103.86.96.100
       DNS Servers: 103.86.96.100 103.86.99.100
        DNS Domain: ~.

 $ nordvpn d
You are disconnected from NordVPN.
How would you rate your connection quality on a scale from 1 (poor) to 5 (excellent)? Type 'nordvpn rate [1-5]'.

 $ resolvectl status
Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google
                      2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net
                      2001:4860:4860::8888#dns.google

Link 2 (enp1s0)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 172.30.30.4
       DNS Servers: 172.30.30.4

Link 3 (vboxnet0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

relefat · 11 November 2023 10:56

I ran the command:

nordvpn set dns disable

then ran resolvectl status with VPN on:

Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net
                      2001:4860:4860::8888#dns.google

Link 2 (enp0s31f6)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.0.1
       DNS Servers: 192.168.0.1 fe80::1

Link 3 (wlp4s0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 4 (nordlynx)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=allow-downgrade/supported
Current DNS Server: 103.86.99.100
       DNS Servers: 103.86.96.100 103.86.99.100
        DNS Domain: ~.

and then with VPN off:

Global
           Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
    resolv.conf mode: stub
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net
                      2001:4860:4860::8888#dns.google

Link 2 (enp0s31f6)
    Current Scopes: DNS LLMNR/IPv4 mDNS/IPv4
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.0.1
       DNS Servers: 192.168.0.1 fe80::1

Link 3 (wlp4s0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

Still no google.com when connected to NordVPN.
The PC is connected to my ISP’s ONT/switch/router device through another switch.
I wonder if connecting it directly would affect anything.

linux-aarhus · 11 November 2023 11:02

Then you have other issues

 $ nordvpn c dk
Connecting to Denmark #173 (dk173.nordvpn.com)
You are connected to Denmark #173 (dk173.nordvpn.com)!
  
 $ ping google.com -c 5
PING google.com (192.0.0.88) 56(84) bytes of data.
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=1 ttl=64 time=4.98 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=2 ttl=64 time=4.97 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=3 ttl=64 time=4.93 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=4 ttl=64 time=5.23 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=5 ttl=64 time=5.03 ms
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4248ms
rtt min/avg/max/mdev = 4.926/5.026/5.227/0.105 ms

 $ ping google.com -c 5
PING google.com (192.0.0.88) 56(84) bytes of data.
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=1 ttl=64 time=5.65 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=2 ttl=64 time=5.34 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=3 ttl=64 time=5.10 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=4 ttl=64 time=5.50 ms
64 bytes from 192.0.0.88 (192.0.0.88): icmp_seq=5 ttl=64 time=5.51 ms

--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4007ms
rtt min/avg/max/mdev = 5.101/5.420/5.651/0.187 ms

Probably not…

relefat · 11 November 2023 11:07

yup, didn’t make any difference
I get 100% packet loss.
Well I can’t think of anything else
I guess I will just have to switch to using cloudflare’s dns

relefat · 11 November 2023 11:12

wait, I think I remember what might be causing it. I remember not being able to access my router 192.168.0.1 while connected to VPN on my ubuntu so I had to run a command to whitelist that specific IP so I can use my router while connected to the network.

EDIT: nope, it’s not that. I can access my router now though.

linux-aarhus · 11 November 2023 11:15

How did you reach that conclusion?

You claim Nord VPN does not reset DNS on Manjaro - and you are correct when using Manjaro default which is using openresolv.

And that you cannot reach google when using Nord VPN on Manjaro.

This may be true but it is not related to Nord VPN nor Manjaro but - I suspect - another underlying issue - and what we have been doing here is an xyproblem where you seek help with your non functional solution to another issue in your network.

We are most certainly having an xy problem here.

I cannot be of further assistance as Nord VPN and Manjaro - in this particular instance works as expected.

At least in the sense that I cannot reproduce it.

relefat · 11 November 2023 11:28

it is most definitely something on my system that is causing this but I just don’t have any ideas what. so in the meantime I will have to resort to cloudflare is what I meant. I just dont know where to look.

linux-aarhus · 11 November 2023 12:01

I cannot quite get it out of my thoughts.

Intriguing to say the least.

Have you checked you router settings - especially DNS?

I am thinking that because you mentioned you created some exception for your router with Nord VPN config?

relefat · 11 November 2023 12:06

ok, this has just become even weirder!

So my network is as follows:
fibre optic is coming inside my property and into my ISP provided ONT/router/switch Nokia device.

I then run a cable from said ONT/router/switch (Nokia) to another switch in my room. I then run two cables - one directly from the switch into my desktop PC, and another to an Asus RT-AC51U router running OpenWrt which I only use to connect to the internet using my ubuntu laptop - no issues there whatsoever.

But strangest thing happened - I decided to see if the problem persists if I connect to my Nokia router wirelessly with my laptop - and then the problem appeared on the laptop.
I then used my wifi adapter on my desktop to connect to the Asus router and the problem disappeared - I can ping google.com while connected to this router.

I… I just don’t get it.
I still wouldn’t want to mark this as solved. At this point I am just too mad to know what is causing this

I don’t want to connect my desktop directly to my Asus router though as that one is quite slow, which is why I connect to the switch and then to the Nokia. The Asus I use primarily as a wifi extender

I would guess nord is using that bogus ip 192.0.0.88 in a different way and there is some sort of a conflict on the local network? my nokia is 192.168.0.1 and my asus is 192.168.1.1
I am pretty certain I have misconfigured something

linux-aarhus · 11 November 2023 12:19

So you really have several possible point of failure

your ISP router
- to which your desktop is connected
- which provides a wireless AP
- to which your Asus WiFi router is connected
your Asus router

Is your Asus router with OpenWrt

a bridge to your ISP router network?
a network separated from your ISP router network (running it’s own DCHP for wireless access)?

First remove the Asus router from the equation - simply disconnect it.

From the description

the issue is apparent when connecting directly to your ISP router
it goes away when connecting using the Asus router

This verifies my thought that it is router config which is at play - I cannot possibly guess what it is - but I would check the first PoF - your ISP router.

Test your ISP network without the Asus router.

As your Asus most probably has both lan and wan port - be sure to connect it to the switch using the wan port.

The google IP address -192.0.0.88 - is likely a ~~multicast~~ anycast address which then routes to the closest google datacenter.

relefat · 11 November 2023 12:20

I’ve already done exactly that, but it seems the issue is indeed with the ISP router.

Mirdarthos · 11 November 2023 12:43

Just a (very) random thought. Can it be that the protocol is being blocked by the ISP somehow?

relefat · 11 November 2023 13:15

right. I need to start writing what I do. I remember tinkering around a year ago with this Nokia router as I was daisy chaining routers for another reason

The whole issue was the subnet: I had set it to 255.0.0.0 and never bothered to change it back. When piniging google, it would go to 192.0.0.8, and with a subnet mask of 255.0.0.0 of course it would not find google. It was as simple as that.

It’s another story why nord have decided their dns should point to that IP address at all in the first place

Thank you so much for staying with me during this whole process.

I really, REALLY should start making config backups so this does not happen.

system · 13 November 2023 01:16

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.