The Dutch railroads provide free WiFi in intercity trains.
Unfortunately, their DNS proxy has a bug that causes it to always respond with “no results” when it sees a query that uses the DNS extension mechanism.
NixOS by default uses the DNS extension mechanism, so if you want to sue “WiFi in de Trein” you need to set:
networking.resolvconf.dnsExtensionMechanism = falseOh, that’s good to know. I had no issue with wifi on ICE trains on y trip to NixCon, I guess they are different from intercity trains ?
does captive-browser work there?
It may be just a bug but that’s essentially asking for DNS spoofing, given you’re also turning off DNSSEC. I’d setup DNSCrypt if I were you.
They are. ICEs are Deutsche Bahn (they all go through Germany), so everything will be different.
Yeah or perhaps a full VPN might be even better…
I’ll try it next time I travel by train - though IIRC they fail to respond to eDNS queries even after you’ve successfully logged into their terms-and-conditions page, so it wouldn’t help much I guess?
[aengelen@rigter:~]$ captive-browser
2019/11/21 07:33:24 Failed to read config: open /home/aengelen/.config/captive-browser.toml: no such file or directory
[aengelen@rigter:~]$ touch .config/captive-browser.toml
[aengelen@rigter:~]$ captive-browser
2019/11/21 07:33:54 Obtaining DHCP DNS server...
2019/11/21 07:33:54 IPs not found in dhcp-dns output.
[aengelen@rigter:~]$
Do I have to configure something? (it behaves the same on ‘regular’ wifi)
It should just work
Probably some cases are not covered here:
I have config.networking.networkmanager.enable and nmcli dev show | fgrep IP4.DNS does show a result. I haven’t explicitly set cfg.interface AFAICS.
I haven’t explicitly set
cfg.interfaceAFAICS
Ah, yes. It is to be configured
After setting programs.captive-browser.enable = true; and programs.captive-browser.interface = "wlp59s0"; indeed I can use that to browse without disabling dnsExtensionMechanism (and without even accepting the terms and conditions) - which seems impressive.