New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding ecs is not suitable for public network vps servers #383
Comments
Not sure I understand the ask. Can you provide more details or an example? Is this about using a specific interface to send the DNS requests, or about adding something to the ECS record? |
For example, use dig to attach ecs for testing |
The reproduction method is very simple. You use https://dns.google/dns-query (8.8.8.8) as the upstream of routedns, and then use dig a +subnet=211.139.5.0/24 @127.0.0.1 -p 5500 www.taobao .com, where 5500 is the listening port of routedns. You will find that the result of the parsing is different from the result of directly requesting https://dns.google/query?name=www.taobao.com&rr_type=A&ecs=211.139.5.0%2F24. |
Can you show me your config as well? Or at least the ECS part of it. When I test with a plain config I'm getting the expected results.
|
here
|
I think I understand now. So you want to [groups.ecs]
type = "ecs-modifier"
resolvers = ["rrl"]
ecs-op = "add-if-missing"
ecs-prefix4 = 24
ecs-prefix6 = 64 |
Thank you, wait a moment |
There is still a problem when executing |
Not sure what happened in your case there. It looks like your
|
My upstream test here is normal, but when testing routedns, the value of CLIENT-SUBNET will occasionally be lost. |
Does it only happen sometimes? Can you test without the cache? I wonder if that plays into this issue |
Your thoughts are the same as mine. It is normal for me to test ecs after not using cache. |
I have now changed to another server. It does not have a proxy environment, and the cache test seems to be normal. Could it be that the proxy affects ecs? |
Currently, when testing regular DNS and building an encrypted DNS server, empty resolution occurs. The same situation occurs when configuring content without any filtering. |
From the documentation, we know that when add is used to add ecs and ecs-address does not write anything, the client's IP is used to make the request.
I need to change to when ecs-address does not write anything, use the client's ecs subnet ip to make requests
The text was updated successfully, but these errors were encountered: