[GH-ISSUE #135] Dns option doesn`t work #1719

New Issue

Closed

opened 2026-04-27 22:23:34 -05:00 by GiteaMirror · 5 comments

GiteaMirror commented 2026-04-27 22:23:34 -05:00

Owner

Copy Link

Originally created by @vadim0872 on GitHub (Sep 9, 2025).
Original GitHub issue: https://github.com/fosrl/newt/issues/135

Originally assigned to: @oschwartz10612 on GitHub.

I configure split dns, all requests to *.mydomain.com forcibly sent to reverse proxy in local net.
The request to pangolin.mydomain.com going too, but it located on vps. To confirm this problem I try to use option "-dns" which is designed to set dns server that will be resolved request for pangolin endpoint, but it doesn`t metter at all

Originally created by @vadim0872 on GitHub (Sep 9, 2025). Original GitHub issue: https://github.com/fosrl/newt/issues/135 Originally assigned to: @oschwartz10612 on GitHub. I configure split dns, all requests to *.mydomain.com forcibly sent to reverse proxy in local net. The request to pangolin.mydomain.com going too, but it located on vps. To confirm this problem I try to use option "-dns" which is designed to set dns server that will be resolved request for pangolin endpoint, but it doesn`t metter at all

GiteaMirror added the bug label 2026-04-27 22:23:34 -05:00

GiteaMirror closed this issue 2026-04-27 22:23:36 -05:00

GiteaMirror commented 2026-04-27 22:23:38 -05:00

Author

Owner

Copy Link

@DetermineAbsurd commented on GitHub (Oct 27, 2025):

I am also experiencing this issue. Supplied DNS environment variable is ignored seemingly.

Edit: After looking through the debug logs of the container, it appears to interpret the supplied DNS value, but not actually utilize it when doing network requests as the expected return IP of the endpoint does not match my configured response IP from my DNS server and the DNS server isn't reporting any requests from the device running Newt.

<!-- gh-comment-id:3453103847 --> @DetermineAbsurd commented on GitHub (Oct 27, 2025): I am also experiencing this issue. Supplied DNS environment variable is ignored seemingly. Edit: After looking through the debug logs of the container, it appears to interpret the supplied DNS value, but not actually utilize it when doing network requests as the expected return IP of the endpoint does not match my configured response IP from my DNS server and the DNS server isn't reporting any requests from the device running Newt.

GiteaMirror commented 2026-04-27 22:23:42 -05:00

Author

Owner

Copy Link

@cradermacher commented on GitHub (Jan 22, 2026):

same to me.
I configuered a newt LXC Container on my Proxmox Host. The LXC Container uses my internal Adguard as DNS Server.
A Ping from the container to a sudomain.internal-domain.de resolves the correct IP.

If use ressource in Pangolin, which should connect to the same subdomain, i get a "bad gateway".

<!-- gh-comment-id:3785854471 --> @cradermacher commented on GitHub (Jan 22, 2026): same to me. I configuered a newt LXC Container on my Proxmox Host. The LXC Container uses my internal Adguard as DNS Server. A Ping from the container to a sudomain.internal-domain.de resolves the correct IP. If use ressource in Pangolin, which should connect to the same subdomain, i get a "bad gateway".

GiteaMirror commented 2026-04-27 22:23:45 -05:00

Author

Owner

Copy Link

@willthong commented on GitHub (Jan 24, 2026):

Pinging internal domain correctly hits DNS server (192.168.0.242) from within newt container:

docker exec -it newt /bin/sh
/ # ping home.internal
PING home.internal (192.168.0.242) 56(84) bytes of data.
64 bytes from deathandgravity.internal (192.168.0.242): icmp_seq=1 ttl=64 time=0.029 ms

Newt container logging shows "use of closed network connection" UDP errors when attempting holepunch:

INFO: 2026/01/24 10:37:35 Peer [REDACTED] updated successfully
INFO: 2026/01/24 10:38:07 Triggering on-demand hole punch to 1 exit nodes
WARN: 2026/01/24 10:38:07 Failed to send on-demand hole punch to 86.24.50.100: failed to write to UDP: use of closed network connection
INFO: 2026/01/24 10:38:07 Removing Endpoint for peer [REDACTED]
INFO: 2026/01/24 10:38:07 Peer [REDACTED] updated successfully

   cat docker-compose.yml
services:
  newt:
    image: fosrl/newt
    container_name: newt
    restart: unless-stopped
    environment:
      - PANGOLIN_ENDPOINT=https://pangolin.willthong.com
      - NEWT_ID=[REDACTED]                  
      - NEWT_SECRET=[REDACTED] 

Newt is correctly routing external requests to Public Resources but no connectivity to Private Resources. Please shout if this isn't actually the same issue and I'll happily split into a new ticket. Thanks for a brilliant product!

<!-- gh-comment-id:3794438721 --> @willthong commented on GitHub (Jan 24, 2026): Pinging internal domain correctly hits DNS server (192.168.0.242) from within newt container: ```bash docker exec -it newt /bin/sh / # ping home.internal PING home.internal (192.168.0.242) 56(84) bytes of data. 64 bytes from deathandgravity.internal (192.168.0.242): icmp_seq=1 ttl=64 time=0.029 ms ``` Newt container logging shows "use of closed network connection" UDP errors when attempting holepunch: ``` INFO: 2026/01/24 10:37:35 Peer [REDACTED] updated successfully INFO: 2026/01/24 10:38:07 Triggering on-demand hole punch to 1 exit nodes WARN: 2026/01/24 10:38:07 Failed to send on-demand hole punch to 86.24.50.100: failed to write to UDP: use of closed network connection INFO: 2026/01/24 10:38:07 Removing Endpoint for peer [REDACTED] INFO: 2026/01/24 10:38:07 Peer [REDACTED] updated successfully ```  ``` cat docker-compose.yml services: newt: image: fosrl/newt container_name: newt restart: unless-stopped environment: - PANGOLIN_ENDPOINT=https://pangolin.willthong.com - NEWT_ID=[REDACTED] - NEWT_SECRET=[REDACTED] ``` Newt is correctly routing external requests to Public Resources but no connectivity to Private Resources. Please shout if this isn't actually the same issue and I'll happily split into a new ticket. Thanks for a brilliant product!

GiteaMirror commented 2026-04-27 22:23:46 -05:00

Author

Owner

Copy Link

@mattheys commented on GitHub (Feb 13, 2026):

   cat docker-compose.yml
services:
  newt:
    image: fosrl/newt
    container_name: newt
    restart: unless-stopped
    environment:
      - PANGOLIN_ENDPOINT=https://pangolin.willthong.com
      - NEWT_ID=[REDACTED]                  
      - NEWT_SECRET=[REDACTED] 

Newt is correctly routing external requests to Public Resources but no connectivity to Private Resources. Please shout if this isn't actually the same issue and I'll happily split into a new ticket. Thanks for a brilliant product!

You should really open a separate issue for this I think, however you might need to add the environment variable ACCEPT_CLIENTS=true to the newt container.

<!-- gh-comment-id:3897009303 --> @mattheys commented on GitHub (Feb 13, 2026): > ``` > cat docker-compose.yml > services: > newt: > image: fosrl/newt > container_name: newt > restart: unless-stopped > environment: > - PANGOLIN_ENDPOINT=https://pangolin.willthong.com > - NEWT_ID=[REDACTED] > - NEWT_SECRET=[REDACTED] > ``` > > Newt is correctly routing external requests to Public Resources but no connectivity to Private Resources. Please shout if this isn't actually the same issue and I'll happily split into a new ticket. Thanks for a brilliant product! You should really open a separate issue for this I think, however you might need to add the environment variable ACCEPT_CLIENTS=true to the newt container.

GiteaMirror commented 2026-04-27 22:23:47 -05:00

Author

Owner

Copy Link

@oschwartz10612 commented on GitHub (Feb 25, 2026):

@mattheys ACCEPT_CLIENTS=true is not required and is deprecated on latest versions of newt.

I would ignore --dns as newt should use the dns of the system. Please reopen if this still a problem.

<!-- gh-comment-id:3961796890 --> @oschwartz10612 commented on GitHub (Feb 25, 2026): @mattheys ACCEPT_CLIENTS=true is not required and is deprecated on latest versions of newt. I would ignore --dns as newt should use the dns of the system. Please reopen if this still a problem.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dependabot/go_modules/prod-patch-updates-6805a9e229

dependabot/go_modules/golang.zx2c4.com/wireguard/windows-1.0.1

dependabot/docker/minor-updates-1134f52710

dev

fix-nix

dependabot/github_actions/actions/setup-go-6.4.0

dependabot/github_actions/docker/build-push-action-7.1.0

dependabot/github_actions/aws-actions/configure-aws-credentials-6.1.0

dependabot/github_actions/softprops/action-gh-release-3.0.0

logging-provision

1.12.3

1.12.2

v1.12.2

1.12.1

v1.12.1

1.12.0

v1.12.0

v1.12.0-rc.1

1.12.0-rc.0

1.11.0

v1.11.0

1.10.4

1.10.3

v1.10.3

1.10.2

v1.10.2

1.10.1

v1.10.1

1.10.0

v1.10.0

1.9.5

1.9.4

1.9.3

1.9.2

1.9.1

1.9.0

v1.9.0

1.8.1

v1.8.1

v1.8.0

1.8.0

1.8.0-rc.0

1.7.0

1.6.1

1.7.0-rc.0

1.6.0

v1.0.1

1.4.9

1.5.2

1.5.1

1.5.0

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.4

1.3.3

1.3.2

1.3.1

1.3.0

1.2.1

1.2.0

1.1.3

1.1.2

1.1.1

1.1.0

1.0.0

1.0.0-beta.5

1.0.0-beta.4

1.0.0-beta.3

1.0.0-beta.2

1.0.0-beta.1

Labels

Clear labels

bug

dependencies

enhancement

good first issue

help wanted

Improvement

needs investigating

pull-request

Mirrored from GitHub Pull Request

stale

wontfix

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/newt#1719