Trang chủ Khám phá Trợ giúp
Đăng nhập
yosoyhendrix
/
dnstt
mirror of https://www.bamsoftware.com/git/dnstt.git
1
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Tree: 46acde28bc
Branches Tags
dnstt
/
TODO

TODO 2.2 KB
Lịch sử Raw

1234567891011121314151617181920212223242526272829303132333435363738 
  1. In -dot mode, if, after the TLS connection may become disconnected, the
    2. 

  2. redial fails to connect, it results in "operation on closed connection"
    3. 

  3. errors and a useless connection up until idleTimeout (2 to 4 minutes
    4. 

  4. later), when the stream ends. For example, see
    5. 

  5. 1-12c59bf6/quad9_dot_1.dnstt.client.log from the 2021-08-02 dnstt-tests
    6. 

  6. performance measurement:
    7. 

  7. 	2021/08/02 10:00:49 recvLoop: read tcp 10.0.1.2:34788->9.9.9.9:853: read: connection reset by peer
    8. 

  8. 	2021/08/02 10:00:49 sendLoop: write tcp 10.0.1.2:34788->9.9.9.9:853: write: broken pipe
    9. 

  9. 	2021/08/02 10:00:50 tls.Dial: dial tcp 9.9.9.9:853: connect: connection refused
    10. 

  10. 	2021/08/02 10:00:50 recvLoop: read dummy dummy: operation on closed connection
    11. 

  11. 	2021/08/02 10:00:50 send: write dummy dummy: operation on closed connection
    12. 

  12. 	2021/08/02 10:00:52 send: write dummy dummy: operation on closed connection
    13. 

  13. 	...
    14. 

  14. 	2021/08/02 10:03:02 send: write dummy dummy: operation on closed connection
    15. 

  15. 	2021/08/02 10:03:06 send: write dummy dummy: operation on closed connection
    16. 

  16. 	2021/08/02 10:03:09 end stream cde4ab0c:3
    17. 

  17. To fix this, we could be more persistent in redialing, and/or cause a
    18. 

  18. redial failure to cause the stream and session to terminate immediately.
    19. 

  19. We already close TLSPacketConn; we should perhaps also terminate
    20. 

  20. DNSPacketConn.sendLoop.
    21. 

  21. 

  22. Randomize the source port for each query in plain-UDP mode. Currently we
    23. 

  23. create a socket with net.ListenUDP and use it for all queries, which
    24. 

  24. means all queries have the same source address. ValdikSS reports that in
    25. 

  25. regions of Turkmenistan, UDP associations that use the same 4-tuple are
    26. 

  26. blocked after a few seconds.
    27. 

  27. https://ntc.party/t/topic/475
    28. 

  28. My idea for this is to create a new PacketConn abstraction that creates
    29. 

  29. a bunch (≈100) of goroutines that each do a single query at a time,
    30. 

  30. creating a new socket for each one and waiting for a response on the
    31. 

  31. same socket up to a timeout. Similar to HTTPPacketConn and its multiple
    32. 

  32. instantiations of sendLoop.
    33. 

  33. 

  34. Add support for DNS over QUIC
    35. 

  35. https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Public+Resolvers#DNSPrivacyPublicResolvers-DNS-over-QUIC(DoQ)
    36. 

  36. https://github.com/AdguardTeam/dnsproxy/blob/660a2da99eb6cc2cf5db9a54f1374dd58fbb5b26/upstream/upstream_quic.go
    37. 

  37. 

  38. Use uTLS for TLS camouflage
    39.