dnsmasq+dnscrypt: failed to create listening socket for port 53

Utini · 2016-01-18 11:49:47

I followed the wiki: https://wiki.archlinux.org/index.php/DNSCrypt

1.) pacman -S dnscrypt-proxy dnsmasq
2.) I am using NetworkManager and Network-Manager-applet in which I changed the dns server of my current connection to 127.0.0.1.

systemctl edit dnscrypt-proxy.socket:

[Socket]
ListenStream=
ListenDatagram=
ListenStream=127.0.0.1:40
ListenDatagram=127.0.0.1:40

/etc/dnsmasq.conf:

no-resolv
server=127.0.0.1#40
listen-address=127.0.0.1
cache-size=1000

To run dnsmasq with networkmanager:
/etc/NetworkManager/NetworkManager.conf

[main]
plugins=keyfile
dhcp=dhclient
#dns=default
dns=dnsmasq

## Set static hostname
#[keyfile]
#hostname=foobar

## HTTP-based connectivity check
#[connectivity]
#uri=http://nmcheck.gnome.org/check_network_status.txt
#interval=100

And since dnsmasq via networkmanager uses its own configuration file I re-created the dnsmasq.conf for networkmanager as well:
nano /etc/NetworkManager/dnsmasq.d/cache:

cache-size=1000
no-resolv
server=127.0.0.1#40
listen-address=127.0.0.1

/etc/systemd/system/multi-user.target.wants/dnscrypt-proxy.service:

[Unit]
Description=DNSCrypt client proxy
Requires=dnscrypt-proxy.socket

[Install]
Also=dnscrypt-proxy.socket
WantedBy=multi-user.target

[Service]
Type=simple
NonBlocking=true
ExecStart=/usr/bin/dnscrypt-proxy \
          -R dnscrypt.eu-nl

/usr/lib/systemd/system/dnscrypt-proxy.service:

[Unit]
Description=DNSCrypt client proxy
Requires=dnscrypt-proxy.socket

[Install]
Also=dnscrypt-proxy.socket
WantedBy=multi-user.target

[Service]
Type=simple
NonBlocking=true
ExecStart=/usr/bin/dnscrypt-proxy \
          -R dnscrypt.eu-nl

dnscrypt-proxy.service and .sockets are running but dnsmasq seems to have an error:

systemctl status dnsmasq.service -l:

Starting A lightweight DHCP and caching DNS Sercer...
Dnsmasq: syntax check ok
Dnsmasq.service: main process exited, code=exited, status=2/invalidargument
Failed to start a lightweight dhcp and caching dns server
Dnsmasq: failed to create listening socket for port 53: adress is already in use

ping archlinux.org gives me "unknown host"
Ping ip works though.

I then tried to disable dnsmasw since networkmanager is supposed to start it and rebooted system. Afterwards:

systemctl status dnsmasq.service:

Dnsmasq.service - a lightweight dhcp and caching dns server
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; disabled; vendor preset: disabled)
Active: inactive (dead)

How ever, still the same problem that pinging hostbames wont work.

Any ideas ?

Last edited by Utini (2016-01-18 17:46:36)

Utini · 2016-01-18 16:11:22

Oh and one more thing: I installed and configured everything and it worked. Then I did a reboot and since then I am stuck with the problem.

Utini · 2016-01-19 18:24:33

And here thr bash_history of what I did and when it broke... In case it is relevant: http://pastebin.com/M3Rp80Ag

And here output of dnscrypt-proxy.service and .socket:

sneida@_____:~$ sudo systemctl status dnscrypt-proxy.service -l
[sudo] password for sneida: 
* dnscrypt-proxy.service - DNSCrypt client proxy
   Loaded: loaded (/usr/lib/systemd/system/dnscrypt-proxy.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-01-19 19:04:16 CET; 30min ago
 Main PID: 446 (dnscrypt-proxy)
    Tasks: 1 (limit: 512)
   CGroup: /system.slice/dnscrypt-proxy.service
           `-446 /usr/bin/dnscrypt-proxy -R cisco

Jan 19 19:04:16 _____ dnscrypt-proxy[446]: [INFO] - [cisco] does not support Namecoin domains
Jan 19 19:04:16 _____ dnscrypt-proxy[446]: [WARNING] - [cisco] logs your activity - a different provider might be better a choice if privacy is a concern
Jan 19 19:04:16 _____ dnscrypt-proxy[446]: [NOTICE] Starting dnscrypt-proxy 1.6.0
Jan 19 19:04:16 _____ dnscrypt-proxy[446]: [INFO] Generating a new session key pair
Jan 19 19:04:16 _____ dnscrypt-proxy[446]: [INFO] Done
Jan 19 19:04:21 _____ dnscrypt-proxy[446]: [INFO] Server certificate #1435874751 received
Jan 19 19:04:21 _____ dnscrypt-proxy[446]: [INFO] This certificate looks valid
Jan 19 19:04:21 _____ dnscrypt-proxy[446]: [INFO] Chosen certificate #1435874751 is valid from [2015-07-03] to [2016-07-02]
Jan 19 19:04:21 _____ dnscrypt-proxy[446]: [INFO] Server key fingerprint is ED19:BFBA:FAFC:9257:DFDC:68C7:69BF:AC24:94CD:743F:3C1D:4966:134D:FE2C:4BDC:F315
Jan 19 19:04:21 _____ dnscrypt-proxy[446]: [NOTICE] Proxying from 127.0.0.1:40 to 208.67.220.220:443
sneida@_____:~$ sudo systemctl status dnscrypt-proxy.socket -l
* dnscrypt-proxy.socket - dnscrypt-proxy listening socket
   Loaded: loaded (/usr/lib/systemd/system/dnscrypt-proxy.socket; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/dnscrypt-proxy.socket.d
           `-override.conf
   Active: active (running) since Tue 2016-01-19 19:04:16 CET; 30min ago
   Listen: 127.0.0.1:40 (Stream)
           127.0.0.1:40 (Datagram)

Jan 19 19:04:16 _____ systemd[1]: Listening on dnscrypt-proxy listening socket.

Last edited by Utini (2016-01-19 18:35:38)

rezad · 2016-04-28 16:28:25

I had the same problem recently.
maybe my solution works for you too.
it was because of dnscrypt. it seems that it is listening on port 53 ( it is configured in dnscrypt-proxy.sokcet) and after I changed that to another port it still didnt help but after restarting it was fixed.
I dont know why this happened.
I also changed the dns section of NetworkManager to dnsmasq too.

Arch Linux

#1 2016-01-18 11:49:47

dnsmasq+dnscrypt: failed to create listening socket for port 53

#2 2016-01-18 16:11:22

Re: dnsmasq+dnscrypt: failed to create listening socket for port 53

#3 2016-01-19 18:24:33

Re: dnsmasq+dnscrypt: failed to create listening socket for port 53

#4 2016-04-28 16:28:25

Re: dnsmasq+dnscrypt: failed to create listening socket for port 53

Board footer