Default DNS / IP Mapper not working? #124

Open
ignoramous opened this issue Jan 3, 2025 · 4 comments
@ignoramous
Contributor

I'm trying to upgrade the library to the latest version available to see if the leak is resolved, but I run into the following issue when a DNS request is made:

```
ipmap.go:369: W ipmap: Add: err resolving 1dot1dot1dot1.cloudflare-dns.com: lookup 1dot1dot1dot1.cloudflare-dns.com on localhost: no resolver
ipmap.go:213: W ipmap: Get: zero ips for 1dot1dot1dot1.cloudflare-dns.com:853
dot.go:300: W dot: (Preferred) no proxy for 1dot1dot1dot1.cloudflare-dns.com:853; choosing Base among [Base]
ipmap.go:369: W ipmap: Add: err resolving 1dot1dot1dot1.cloudflare-dns.com: lookup 1dot1dot1dot1.cloudflare-dns.com on localhost: no resolver
ipmap.go:213: W ipmap: Get: zero ips for 1dot1dot1dot1.cloudflare-dns.com
ipmap.go:369: W ipmap: Add: err resolving 1dot1dot1dot1.cloudflare-dns.com: lookup 1dot1dot1dot1.cloudflare-dns.com on localhost: no resolver
ipmap.go:203: W ipmap: Add: zero ips for 1dot1dot1dot1.cloudflare-dns.com
dot.go:188: W dot: tlsdial: (Preferred) nil conn/err for 1dot1dot1dot1.cloudflare-dns.com:853, ech? false; err? unknown network no ips
dot.go:326: W dot: ans? ;; opcode: QUERY, status: SERVFAIL, id: 49375
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;clients4.google.com.	IN	 A
 err(unknown network no ips) / ans(0)
cacher.go:370: W cache: barrier: hangover(k: clients4.google.com:1); discard ans (has? true)
```

My implementation is the same as before with ee0a5ac. Can I find an example anywhere to compare what I'm supposed to change to use a DoT/DoH server now?
Thank you

Originally posted by @paillardf in #123 (comment)

@paillardf

DoT and DoH now need an IP address to work properly. It was not the case with the previous version. I don't know if it's an issue, but it's definitely a behavior change.

@ignoramous
Contributor Author

Thanks. Yeah, this is quite a severe bug. Will fix it soon.

@ignoramous ignoramous self-assigned this Jan 3, 2025
@ignoramous
Contributor Author

```
# offending logs
01-22 15:40:21.654 10882 14166 I GoLog   : doh.go:156: I doh: disabling tls verification for http://flyto.rethinkdns.com/rec
01-22 15:40:21.654 10882 14173 E GoLog   : doh.go:266: W doh: ech(flyto.rethinkdns.com): lookup Lookup on localhost: no resolver
```

IPMapper's (used by bootstrap) dnsx.Resolver reference has become nil. This obviously shouldn't happen unless the Tunnel is Disconnected.

@ignoramous
Contributor Author

Fixed in tip. Please do verify.

You can also now leave the DefaultDNS nil (in intra.Connect), and firestack will use network/OS provided DNS (this will not work if intra.Loopback is set to true, which is false by default).
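
The failure mode in this thread (a hostname-only DoT/DoH upstream that cannot be resolved because the mapper has no resolver) and the workaround of supplying IP addresses, sketched as an added example; this is not firestack's code. `Resolver`, `SeededMapper` and `Endpoints` are hypothetical names, and the seed address is a constructed sample.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net/netip"
)

// Resolver is a hypothetical lookup interface, not firestack's dnsx.Resolver.
type Resolver interface {
	Lookup(ctx context.Context, host string) ([]netip.Addr, error)
}

var ErrNoResolver, ErrNoIPs = errors.New("no resolver"), errors.New("no ips")

// SeededMapper (hypothetical) resolves an upstream's hostname and falls back
// to caller-supplied bootstrap IPs when the resolver is nil, fails or is empty.
type SeededMapper struct {
	R     Resolver
	Seeds map[string][]netip.Addr
}

// Endpoints returns ip:port dial targets for host. The TLS ServerName should
// still be host, so certificate verification does not depend on the fallback.
func (m *SeededMapper) Endpoints(ctx context.Context, host string, port uint16) ([]netip.AddrPort, error) {
	var ips []netip.Addr
	err := ErrNoResolver
	if ip, perr := netip.ParseAddr(host); perr == nil {
		ips = []netip.Addr{ip} // IP literal: nothing to resolve
	} else if m.R != nil {
		ips, err = m.R.Lookup(ctx, host)
	}
	if len(ips) == 0 {
		ips = m.Seeds[host] // bootstrap path: no DNS lookup needed
	}
	if len(ips) == 0 {
		return nil, fmt.Errorf("lookup %s: %w", host, errors.Join(ErrNoIPs, err))
	}
	out := make([]netip.AddrPort, 0, len(ips))
	for _, ip := range ips {
		out = append(out, netip.AddrPortFrom(ip, port))
	}
	return out, nil
}

func main() {
	seeds := map[string][]netip.Addr{"1dot1dot1dot1.cloudflare-dns.com": {netip.MustParseAddr("1.1.1.1")}}
	fmt.Println((&SeededMapper{Seeds: seeds}).Endpoints(context.Background(), "1dot1dot1dot1.cloudflare-dns.com", 853))
}
```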
