Err_spdy_protocol_error

handlingsushi · June 15, 2018, 2:58am

I installed Pi Hole with OpenVPN on DigitalOcean following this guide. How to Block Advertisements at the DNS Level Using Pi-hole and OpenVPN on Ubuntu 16.04 | DigitalOcean

I did not do anything that's not in that guide include setting these iptable rules.

This mostly works fine, except so far I've been able to find a couple of websites that do not work. I get the error below for them (both websites are https only).

Expected Behaviour:

Visit itchy.nl, it should load the site (https).

Actual Behaviour:

This site can’t be reached
The webpage at https://itchy.nl/ might be temporarily down or it may have moved permanently to a new web address.
ERR_SPDY_PROTOCOL_ERROR

Debug Token:

[✓] Your debug token is: oh4pighozs

Mcat12 · June 15, 2018, 3:01am

Is that site blocked?

Mcat12 · June 15, 2018, 3:03am

Run pihole -g and make a new debug token.

handlingsushi · June 15, 2018, 3:04am

It's not blocked:

$ pihole -q itchy.nl
  [i] No results found for itchy.nl found within block lists

[✓] Your debug token is: a1lwyvfiqo

Mcat12 · June 15, 2018, 3:15am

What does the query look like in the logs? /var/log/pihole.log or pihole -t

handlingsushi · June 15, 2018, 3:19am

Nothing in the logs for the domain. The request does not even reach the server. Error code ERR_SPDY_PROTOCOL_ERROR suggests something to do with how SPDY (or HTTPs) is handled.

Mcat12 · June 15, 2018, 3:21am

If it isn't in the logs, then Pi-hole can not be the issue. Pi-hole only handles DNS requests, which are independent from protocols like HTTP

handlingsushi · June 15, 2018, 3:24am

This happens both on my Android phone, and on my Macbook when I'm connected to the OpenVPN server.

Do you think it's something to do with how https is handled? I am trying to figure out if this is an OpenVPN issue or Pi-hole issue.

Mcat12 · June 15, 2018, 3:26am

Does it happen if you don't use Pi-hole?

robgill · June 16, 2018, 12:06am

Are you using chrome on these devices? Because it seems to be an ongoing issue (since 2015 at least) with chrome, showing up in different situations, with some "anti-virus" software, and frequently with vpns. Some examples:

google product formus,
techdows,
zenmate vpn

The same issue is mentioned on many other places, with some of the purported fixes being ritualistic voodoo eg "clear your cache and cookies", rather than solving problem in a permanent way for all sites.

If you are using chrome, please try another browser and report back.

handlingsushi · June 16, 2018, 3:53pm

It's not a browser thing. I tested with the VPN+PIhole on in Safari and on my Pixel phone. Fails everywhere.

Mcat12 · June 16, 2018, 3:57pm

Does it happen if you don't use the VPN?

handlingsushi · July 1, 2018, 7:30pm

Ok I setup a brand new openVPN server (without Pi-Hole), and tried to connect to the site. And it works. So the issue seems to be with pi-Hole somehow?

Mcat12 · July 1, 2018, 7:35pm

If there's no request being sent to the DNS server, then Pi-hole can't be changing anything.

system · July 22, 2018, 7:35pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.