AdGuard Home stopped querying upstream

Name:

adguard-home

App Version:

v0.107.73

Version:

v1.3.5

I’ve been using this app for about a year with no issues. Then some time in the night the service stopped responding to any DNS query that requires an upstream query. Custom filtering rules work fine.

For example, if I run tcpdump on Truenas filtering for just port 53, then do an nslookup from a LAN host for truenas.com, I see the query come to Truenas, but no upstream query and no response to the client. If I do nslookup for a host that is in my custom filtering rules, truenas responds to the client with the prescribed IP address.

I’m using cloudflare for my upstream servers. If I click the “Test upstreams” button in AGH’s DNS Settings, I immediately get the response “Specified DNS servers are working correctly” and tcpdump shows a query to the upstream servers for “test.” and an NXDOMAIN response. So I know upstream is working, but AGH only queries them for the test.

In the app’s log I see a fast stream of errors like this:

=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDUxMzIEZDRjOQJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": context deadline exceeded"
2026-04-08 17:56:29.281405+00:002026/04/08 17:56:29.281302 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDUxMzIEZDRjOQJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": context deadline exceeded"
2026-04-08 17:56:29.284768+00:002026/04/08 17:56:29.284648 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDUxMzIEZDRjOQJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:29.469685+00:002026/04/08 17:56:29.469528 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": context deadline exceeded"
2026-04-08 17:56:29.469750+00:002026/04/08 17:56:29.469657 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": context deadline exceeded"
2026-04-08 17:56:29.469922+00:002026/04/08 17:56:29.469862 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:29.473568+00:002026/04/08 17:56:29.473489 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:29.473609+00:002026/04/08 17:56:29.473562 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": context deadline exceeded"
2026-04-08 17:56:29.473657+00:002026/04/08 17:56:29.473600 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:29.871515+00:002026/04/08 17:56:29.871336 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABGEyZGMENTE5ZAQ3MWI0AnBjA2RucwdhZGd1YXJkA2NvbQAAEAAB\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:29.871603+00:002026/04/08 17:56:29.871452 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABGEyZGMENTE5ZAQ3MWI0AnBjA2RucwdhZGd1YXJkA2NvbQAAEAAB\": context deadline exceeded"
2026-04-08 17:56:29.871623+00:002026/04/08 17:56:29.871566 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABGEyZGMENTE5ZAQ3MWI0AnBjA2RucwdhZGd1YXJkA2NvbQAAEAAB\": context deadline exceeded"
2026-04-08 17:56:29.872880+00:002026/04/08 17:56:29.872813 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABGEyZGMENTE5ZAQ3MWI0AnBjA2RucwdhZGd1YXJkA2NvbQAAEAAB\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:29.872910+00:002026/04/08 17:56:29.872821 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABGEyZGMENTE5ZAQ3MWI0AnBjA2RucwdhZGd1YXJkA2NvbQAAEAAB\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:29.875262+00:002026/04/08 17:56:29.875180 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABGEyZGMENTE5ZAQ3MWI0AnBjA2RucwdhZGd1YXJkA2NvbQAAEAAB\": context deadline exceeded"
2026-04-08 17:56:30.481909+00:002026/04/08 17:56:30.481719 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:30.482023+00:002026/04/08 17:56:30.481882 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": context deadline exceeded"
2026-04-08 17:56:30.482052+00:002026/04/08 17:56:30.481972 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": context deadline exceeded"
2026-04-08 17:56:30.484383+00:002026/04/08 17:56:30.484295 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:30.485509+00:002026/04/08 17:56:30.485425 [error] dnsproxy: response received upstream_type=service addr=https://family.adguard-dns.com:443/dns-query proto=tcp status="requesting https://family.adguard-dns.com:443/dns-query: Get \"https://family.adguard-dns.com:443/dns-query?dns=AAABAAABAAAAAAAABDJhZGMEYjYyOAJwYwNkbnMHYWRndWFyZANjb20AABAAAQ\": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)"
2026-04-08 17:56:30.487666+00:002026/04/08 17:56:30.487598 [error] dnsproxy: response received upstream_type=servic

Your logs seem to indicate that you have a DoH endpoint, family.adguard-dns.com configured as your upstream resolver - so it’s no surprise you wouldn’t see connections to the upstream via tcpdump if you’re filtering for port 53.

Can you curl https://family.adguard-dns.com -I from shell okay? Considering the timeout messages I’m guessing you can’t reach it at all.

If you could provide some screenshots of your adguard upstream & truenas network config it might provide some better insight

curl times out.

I don’t recall configuring family.adguard-dns.com or DoH at any time, and I haven’t modified my config is months. This stopped working overnight.

dns_settings1219×5195 503 KB

Screenshot from 2026-04-08 13-06-411650×612 21.1 KB

Nothing standing out to me in either of those screenshots unfortunately.

Quite strange to see it in the logs but not configured. I’m not super familiar with the ins-and-outs of Adguard though, maybe it uses that endpoint for something else.

Considering connecting to that domain timed out from shell, there’s definitely something not right networking-wise, would be a good idea to scrutinize connectivity from TrueNAS as a whole.

I’d confirm both if you’re able to query DNS via dig & if you’re able to ping something public like 1.1.1.1 or your gateway 192.168.4.1. As you’re able to reach TrueNAS and haven’t made any changes on it, could something like a firewall suddenly be blocking upstream connectivity?

Truenas can resolve names just fine from the shell using a variety of DNS servers, including cloudflare’s. It’s just that adguard appears to not try, except when manually testing the upstream servers.

If I go to DNS Blocklists and disable both of the lists there, it still doesn’t resolve external addresses. But if I go to Dashboard and disable protection, suddenly it resolves everything fine.

I found the workaround here: