Issue with resolving DNS, Ubuntu

Hi there, so I think I have an issue with the resolving of the DNS. I have a validated that:

  • The containers run correctly and are connected, as can be seen in the dashboard of the remote device

  • That I have successfully installed the client, as was defined in the instructions. When I run twingate resources in the terminal, I see the resources listed as I would expect, and I therefore think that the connection should be good and the client installed correctly.

  • I can further confirm that the connection exists by running nmcli connection show which lists a sdwan0 connection, which as far as I can tell, should be the connection of TwinGate.

  • The last thing that i checked was the /etc/resolv.conf that was configured as being:

options edns0 trust-ad
search .

Which seems to be correct, when comparing it to other forum posts…

When I ping one of the resources, nothing happens. This connection already works with my Android devices, however, so there must be an issue with the configuration of the Linux machine in some way or form.

My linux machine has the following specs:

            .-/+oossssoo+/-.               ddfsdsf@dsfdsfds-desktop 
        `:+ssssssssssssssssss+:`           ------------------------- 
      -+ssssssssssssssssssyyssss+-         OS: Ubuntu 23.10 x86_64 
    .ossssssssssssssssssdMMMNysssso.       Host: B550 Taichi 
   /ssssssssssshdmmNNmmyNMMMMhssssss/      Kernel: 6.5.0-10-generic 
  +ssssssssshmydMMMMMMMNddddyssssssss+     Uptime: 24 mins 
 /sssssssshNMMMyhhyyyyhmNMMMNhssssssss/    Packages: 2227 (dpkg), 30 (snap) 
.ssssssssdMMMNhsssssssssshNMMMdssssssss.   Shell: bash 5.2.15 
+sssshhhyNMMNyssssssssssssyNMMMysssssss+   Resolution: 3440x1440 
ossyNMMMNyMMhsssssssssssssshmmmhssssssso   DE: GNOME 45.0 
ossyNMMMNyMMhsssssssssssssshmmmhssssssso   WM: Mutter 
+sssshhhyNMMNyssssssssssssyNMMMysssssss+   WM Theme: Adwaita 
.ssssssssdMMMNhsssssssssshNMMMdssssssss.   Theme: Yaru-dark [GTK2/3] 
 /sssssssshNMMMyhhyyyyhdNMMMNhssssssss/    Icons: Yaru-dark [GTK2/3] 
  +sssssssssdmydMMMMMMMMddddyssssssss+     Terminal: gnome-terminal 
   /ssssssssssshdmNNNNmyNMMMMhssssss/      CPU: AMD Ryzen 9 5950X (32) @ 3.400GHz 
    .ossssssssssssssssssdMMMNysssso.       GPU: NVIDIA GeForce RTX 3090 
      -+sssssssssssssssssyyyssss+-         Memory: 6140MiB / 128724MiB 

In short, I think that something is causing to not resolve the addresses correctly. I am not great at networking, I love the product and any help would be very welcome :slight_smile:


1 Like

Hi @peda,

the resource that is mapped to your NAS seems to be configured to point to which is the loopback address which would not work (unless your Connector is installed directly on your NAS but I assume it isnt the case since you mentioned containers (Im guessing your Connector is running as a container?).

For connectivity to work, there are 2 prerequisites:

  • the Connectors need to be able to route traffic to the resources (meaning that the Connector needs to route traffic to your NAS which I assume has a different IP that is not
  • if using FQDN for resources, your Connectors also need to be able to locally resolve those FQDNs (the best way to figure out if that is the case is often to connect to the host where your Connector is deployed and run a dig or nslookup command to see if your FQDNs are resolvable from the perspective of your Connector.

Hi Bren, thank you for your swift reply! So the NAS is working! It works fine when I use my android phone. (Yes, I have ported everything to localhost as my Jellyfin application and some other things run natively on my NAS). It just with my Linux computer (ubuntu) that it doesnt work…

So the problem is not the NAS, but that the Linux client is not working, while the Android client is.
Does that make sense?

Thank you for your time!

Hey @Peda,

How are you trying to access your NAS? is it via IP or hostname? Are you accessing from the CLI or from a browser? If its a hostname, and you do a nslookup <hostname> - do you get a response or does it fail?

If you add a random website (say as a Twingate resource, and do a nslookup while connected to Twingate, what kind of response do you get back?

Hi @Arthur, thanks for your fast response! So when I do nslookup, I get the following:
Note that I would be expecting my application for the NAS to run on port 8096, so explicitly test that too. As you can see there is a server fail. Note that this is available on my Android device via TwinGate.

I added a resource, with an alias kittens.local to my nas group. When i print out twingate resources I get:

kittens	kittens.local	Not authenticated
NAS   	nas.local    	Not authenticated
trng  	trng.local   	Not authenticated

I notice that I am not authenticated. When I try to authenticate, I get nowhere:

➜ sudo twingate auth nas
07:26:43 [ERROR] Error: failed to process command "auth-end": no "auth_flow_id" in auth-end command

Running it with sudo yields the same result. Doing an NSLookUp on kittens.local doesnt get me any further:

✖  nslookup kittens.local
;; communications error to timed out

** server can't find kittens.local: SERVFAIL

Could it be that i have an authorization issue? It would explain the point of failure. I already redid the setup, but that didnt help. In the setup it tries to Authenticate and nothing happens. The output of the setup is:

✖  sudo twingate setup
Twingate Setup 2023.250.97595 | 0.149.1
By continuing, you agree to the User Terms of Service (
and acknowledge the Privacy Policy ( [A]gree/[q]uit: A
Your current Twingate network is 'geelenio'. Do you want to change it? [y/N]: 
Do you want to automatically start the Twingate service at boot? [Y/n]: 
Enabled Twingate to start automatically
Do you want the Twingate service to automatically login after restart?
This requires saving authentication data in /var/lib/twingate (accessible only to root) [y/N]: y
Do you want to automatically share application error reports with Twingate? [Y/n]: Y
Do you want to start Twingate now? [Y/n]: Y
Twingate has been started; user authentication is required for access to Resources
To start desktop notifications, run `twingate desktop-start`.
Alternatively, you can run `/usr/bin/twingate-notifier console` in order to receive Twingate authentication requests in the console.

When I try to authenticate i get stuck:

✖  /usr/bin/twingate-notifier console
Twingate Client Status: Online

Nothing happens at this point, so I quit the operation (CTLR+C). I also looked at this post here: Issue connecting after installation on fresh linux system - #5 by jimb0 But I do not have that many SDWANs:

✖  nmcli connection show
NAME                UUID                                  TYPE      DEVICE          
MyWiFiNetwork           c55eaaa2-3f4a-428b-b65e-6f1a4f8b9b2e  wifi      wlp8s0          
br-f5aa98ddfb54     90de535b-4251-42d5-bbfd-7fba374d9889  bridge    br-f5aa98ddfb54 
lo                  931b1970-d410-4ff9-b34b-3233016682cf  loopback  lo              
sdwan0              242cfaaa-2502-4950-a85f-ef7f17e263a6  tun       sdwan0          
br-1aad98d0c41f     1d1ce2e4-929e-4e2a-bd1f-9ffbcd99ceb3  bridge    br-1aad98d0c41f 
br-3616f43ba47e     c4346913-ae49-4787-9b7e-2ea512604cc0  bridge    br-3616f43ba47e 
docker0             39f9ef66-ae89-48bf-b028-47b61c8f2d15  bridge    docker0         
virbr0              bc2934fd-a4f0-4bcf-b1f9-d87d0581526c  bridge    virbr0          
Wired connection 1  61ee18aa-3ad5-35f5-bb6e-40e116c2e3a7  ethernet  --       

(I redacted my wifi network here).

What would be the next steps?

Thanks sooo much for your time :slight_smile:

My post is blocked by Akismet…

Any way to resolve that?

In the meanwhile, I have figured out that stopping and starting the service triggers the authentication process. Unfortunately this doesnt change anything in terms of still not being able to connect…

✖  sudo twingate service-stop
Stopped Twingate

~                                                                                                                                                             21:02:51 
➜ sudo twingate service-start
Twingate has been started; user authentication is required for access to Resources

~                                                                                                                                                             21:02:58 
➜ sudo twingate resources
kittens	kittens.local	Auth expires in 4 days
NAS   	nas.local    	Auth expires in 4 days
trng  	trng.local   	Auth expires in 4 days

I apologize for the spam filtering. This should not be an issue any longer.

Can you try doing nslookup rather than kittens.local and tell me what you get back?

No worries, I am happy that we could resolve it. Here are my results:

➜ nslookup kittens.local

Non-authoritative answer:
Name:	kittens.local

~                                                                                    19:40:56 
➜ nslookup

Non-authoritative answer:

BTW: I had to reinstall my computer, so things might be a little different this time…

@Arthur , friendly reminder, is there any news?

@Bren, I hope it OK that I tag you too. I understand that I risk becoming really annoying…

Hi @peda, not a problem at all!

So there is one thing I’d like to check… Could you change your alias from nas.local to and see if it makes a difference?

(my train of thought is based on the fact that, technically speaking, the .local domain is reserved (take a look at the article here), so I wonder if it’s simply a case of Linux trying to resolve it without leveraging DNS because it is a .local…

Let me know if that changes the behavior!

@Bren, you are a genius, it works now! Who would have thought that it is that simple!

ahhhh that’s great!!!