I cannot seem to get tls or https working to nextdns. <div class="snippet-clipboar

There is a bug here. <a target="_blank" rel="noopener noreferrer nof

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

<a class="user-mention notranslate" data-hovercard-type="user" data-hover

server tls or https to nextdns.. about smartdns-rs HOT 9 CLOSED

mokeyish commented on May 20, 2024

server tls or https to nextdns..

from smartdns-rs.

Comments (9)

mokeyish commented on May 20, 2024

Thank you for feedback. But it seems like there is no problem on my side.

from smartdns-rs.

bcookatpcsd commented on May 20, 2024

Thank you for the response.. greatly appreciated..

What might be wrong with this?


bind :5311
bind-tcp :5311
cache-size 16384
cache-persist no
speed-check-mode none
rr-ttl 300
rr-ttl-min 60
rr-ttl-max 9600
log-level debug
server 8.8.8.8 -bootstrap-dns -exclude-default-group
server-tls dns.google
server tls://dns.google:853

./smartdns run -c local.conf -d

1679321373:INFO: Smart-DNS 🐋 0.4.1 starting
1679321373:INFO: loading configuration from: "local.conf"
1679321373:DEBUG:smartdns::dns_conf::parse:1763: append server udp://8.8.8.8 to group bootstrap-dns
1679321373:INFO: whoami 👉 void-vltr
1679321373:INFO: upstream server: udp://8.8.8.8 [Group: bootstrap-dns]
1679321373:INFO: upstream server: tls://dns.google [Group: default]
1679321373:INFO: upstream server: tls://dns.google [Group: default]
1679321373:WARN:smartdns::dns_client:101: bootstrap-dns must use ip addess, Domain("8.8.8.8")
1679321373:WARN:smartdns::dns_client:120: not bootstrap-dns found, use system_conf instead.
1679321373:DEBUG:smartdns::dns_client:179: create name server [Group: bootstrap-dns], servers 1
1679321373:DEBUG:smartdns::dns_client:179: create name server [Group: Default], servers 2
1679321373:DEBUG:smartdns:271: binding UDP to 0.0.0.0:5311
1679321373:INFO: listening for UDP on 0.0.0.0:5311
1679321373:DEBUG:smartdns:293: binding TCP to 0.0.0.0:5311
1679321373:INFO: listening for TCP on 0.0.0.0:5311
1679321373:INFO:
1679321373:INFO:      _____                      _       _____  _   _  _____
1679321373:INFO:     / ____|                    | |     |  __ \| \ | |/ ____|
1679321373:INFO:    | (___  _ __ ___   __ _ _ __| |_    | |  | |  \| | (___
1679321373:INFO:     \___ \| '_ ` _ \ / _` | '__| __|   | |  | | . ` |\___ \
1679321373:INFO:     ____) | | | | | | (_| | |  | |_    | |__| | |\  |____) |
1679321373:INFO:    |_____/|_| |_| |_|\__,_|_|   \__|   |_____/|_| \_|_____/
1679321373:INFO:
1679321373:INFO: awaiting connections...
1679321373:INFO: server starting up
1679321377:DEBUG:smartdns::dns_server:131: query received: 47484 name: www.amazon.com. type: A class: IN A client: 1.2.3.4:58289
1679321377:DEBUG:smartdns::dns_client:373: initialize name server [Group: Default]
1679321377:DEBUG:smartdns::dns_client::bootstrap:1170: lookup nameserver dns.google A, [207.246.91.188]
1679321377:DEBUG:smartdns::dns_client::bootstrap:1170: lookup nameserver dns.google A, [207.246.91.188]
1679321377:DEBUG:smartdns::dns_mw_ns:99: query name: www.amazon.com. type: A via [Group: default]
1679321377:DEBUG:smartdns::dns_server:269: error resolving: Forward resolution error: proto error: io error: connection refused
^C1679321400:INFO: terminating...
1679321400:INFO: SmartDNS 0.4.1 shutdown

No different if I add in the ca-file / ca-path

This is a void linux (glibc) vm.. this machine is also hosted at Vultr..

This seems to work no problem..

bind :5311
bind-tcp :5311
ca-file /etc/ssl/certs/ca-certificates.crt
ca-path /etc/ssl/certs
cache-size 16384
cache-persist no
speed-check-mode none
rr-ttl 300
rr-ttl-min 60
rr-ttl-max 9600
log-level debug
server-tls 8.8.8.8

(run in debug mode..)

1679321835:INFO: Smart-DNS 🐋 0.4.1 starting
1679321835:INFO: loading configuration from: "local.conf"
1679321835:INFO: whoami 👉 void-vltr
1679321835:INFO: upstream server: tls://8.8.8.8 [Group: default]
1679321835:WARN:smartdns::dns_client:120: not bootstrap-dns found, use system_conf instead.
1679321835:DEBUG:smartdns::dns_client:179: create name server [Group: Default], servers 1
1679321835:DEBUG:smartdns:271: binding UDP to 0.0.0.0:5311
1679321835:INFO: listening for UDP on 0.0.0.0:5311
1679321835:DEBUG:smartdns:293: binding TCP to 0.0.0.0:5311
1679321835:INFO: listening for TCP on 0.0.0.0:5311
1679321835:INFO:
1679321835:INFO:      _____                      _       _____  _   _  _____
1679321835:INFO:     / ____|                    | |     |  __ \| \ | |/ ____|
1679321835:INFO:    | (___  _ __ ___   __ _ _ __| |_    | |  | |  \| | (___
1679321835:INFO:     \___ \| '_ ` _ \ / _` | '__| __|   | |  | | . ` |\___ \
1679321835:INFO:     ____) | | | | | | (_| | |  | |_    | |__| | |\  |____) |
1679321835:INFO:    |_____/|_| |_| |_|\__,_|_|   \__|   |_____/|_| \_|_____/
1679321835:INFO:
1679321835:INFO: awaiting connections...
1679321835:INFO: server starting up
1679321838:DEBUG:smartdns::dns_server:131: query received: 57556 name: www.amazon.com. type: A class: IN A client: 1.2.3.4:35801
1679321838:DEBUG:smartdns::dns_client:373: initialize name server [Group: Default]
1679321838:DEBUG:smartdns::dns_mw_ns:99: query name: www.amazon.com. type: A via [Group: default]
^C1679321845:INFO: terminating...
1679321845:INFO: SmartDNS 0.4.1 shutdown

This seems to break..

bind :5311
bind-tcp :5311
ca-file /etc/ssl/certs/ca-certificates.crt
ca-path /etc/ssl/certs
cache-size 16384
cache-persist no
speed-check-mode none
rr-ttl 300
rr-ttl-min 60
rr-ttl-max 9600
log-level debug
server-tls 8.8.8.8 -host-name: dns.google

(start in debug mode..)

1679321926:INFO: awaiting connections...
1679321926:INFO: server starting up
1679321932:DEBUG:smartdns::dns_server:131: query received: 35327 name: www.amazon.com. type: A class: IN A client: 207.246.122.159:41105
1679321932:DEBUG:smartdns::dns_client:373: initialize name server [Group: Default]
1679321932:DEBUG:smartdns::dns_client::bootstrap:1170: lookup nameserver dns.google A, [207.246.91.188]
1679321932:DEBUG:smartdns::dns_mw_ns:99: query name: www.amazon.com. type: A via [Group: default]
1679321937:DEBUG:smartdns::dns_server:269: error resolving: Forward resolution error: request timed out

dnsdist (the local resolver) is getting the query for dns.google (from the host-name argument it would seem), which is the fallback when there is no bootstrap

Packet from 127.0.0.1:35602 for dns.google. A with id 45870
Packet from 127.0.0.1:35602 for dns.google. A with id 39334
Packet from 127.0.0.1:56070 for dns.google. A with id 56478
Packet from 127.0.0.1:45832 for dns.google. A with id 43833
Packet from 127.0.0.1:63752 for dns.google. A with id 56296
Packet from 127.0.0.1:43064 for dns.google. A with id 32444

Is there something with the bootstrap?

When I set the bootstrap to something that I can see.. -bootstrap-dns is what answers the query.. when its -bootstrap-dns -exclude-default-group the query does not resolve..

With no -bootstrap-dns defined and falling back to system resolver..

Something is weird with nextdns and their names..

(more testing..)

NextDNS and their 'names' I can get google to work with and without names quad9, etc..


bind :5311
bind-tcp :5311
ca-file /etc/ssl/certs/ca-certificates.crt
ca-path /etc/ssl/certs
cache-size 16384
cache-persist no
speed-check-mode none
rr-ttl 300
rr-ttl-min 60
rr-ttl-max 9600
log-level debug
server tls://dns.quad9.net:853

going to take a break from this..

apparently the ':' is not a valid character..

so -host-name: dns.google.com is rejected but -host-name dns.google is correct..

from smartdns-rs.

mokeyish commented on May 20, 2024

There is a bug here.

It seems a bug with this crate: https://github.com/servo/rust-url

from smartdns-rs.

mokeyish commented on May 20, 2024

server-tls 45.90.30.0 -host-name: dns.nextdns.io -tls-host-verify: dns.nextdns.io

The option -tls-host-verify has not been yet implemented.

use

server tls://dns.nextdns.io

instead?

from smartdns-rs.

PikuZheng commented on May 20, 2024

server-tls 45.90.28.0 -host-name: dns.nextdns.io -tls-host-verify: dns.nextdns.io
server-tls 45.90.30.0 -host-name: dns.nextdns.io -tls-host-verify: dns.nextdns.io

try server-tls 45.90.30.0 -host-name dns.nextdns.io
with -tls-host-verify, this upstream will not work.

server tls://dns.google:853

oh, no.... it should be server-tls tls://dns.google:853 or server-tls dns.google:853. server means udp

from smartdns-rs.

mokeyish commented on May 20, 2024

@bcookatpcsd Hi, This issue should have been fixed with the following PR:

#88
#83

Please verify it, thanks!

from smartdns-rs.

mokeyish commented on May 20, 2024

oh, no.... it should be server-tls tls://dns.google:853 or server-tls dns.google:853. server means udp

@PikuZheng There is no difference here:

smartdns-rs/src/dns_conf.rs

Lines 1791 to 1793 in 10cf828

    
           "server" | "server-tcp" | "server-tls" | "server-https" | "server-quic" => { 
        
               self.config_server(conf_name, options) 
        
           }

from smartdns-rs.

PikuZheng commented on May 20, 2024

@PikuZheng There is no difference here:

looks like it fixed now

from smartdns-rs.

mokeyish commented on May 20, 2024

Yeah, I close it first.

from smartdns-rs.

server tls or https to nextdns.. about smartdns-rs HOT 9 CLOSED

Comments (9)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

	"server" \| "server-tcp" \| "server-tls" \| "server-https" \| "server-quic" => {
	self.config_server(conf_name, options)
	}