[GH-ISSUE #11] Work with default(google) but not with others #11

Closed
opened 2026-03-02 23:35:56 +03:00 by kerem · 8 comments
Owner

Originally created by @sebaxakerhtc on GitHub (Jun 30, 2022).
Original GitHub issue: https://github.com/albertito/dnss/issues/11

Originally assigned to: @albertito on GitHub.

Hi there, nice project!
I found this today and I think it is an awesome project!
But I try to use it and I can't get it working with custom DoH.
This works fine:
`sudo dnss -enable_dns_to_https`
This works fine too (by IP, but that's wrong):
`sudo dnss -enable_dns_to_https -https_upstream "https://1.1.1.1/dns-query"`
But this does not:
`sudo dnss -enable_dns_to_https -https_upstream "https://cloudflare-dns.com/dns-query"`
And this does not work:

```
sudo dnss -enable_dns_to_https \
-fallback_upstream 1.1.1.1:53 \
-fallback_domains cloudflare-dns.com \
-https_upstream "https://cloudflare-dns.com/dns-query"
```

Of course it doesn't work with **Quad9** and **my own DoH**

Another good idea: add helpful info to the readme.
To get it working you should disable and stop the original resolver which uses port 53.
[This happens if not](https://github.com/albertito/dnss/issues/10)

```
sudo systemctl disable systemd-resolved.service
sudo systemctl stop systemd-resolved
sudo systemctl restart dnss
```

I hope you can help.
Cheers!

kerem closed this issue 2026-03-02 23:35:56 +03:00

@albertito commented on GitHub (Jun 30, 2022):

Thanks for reporting this!

There are integration tests in [`tests/external.sh`](https://github.com/albertito/dnss/blob/master/tests/external.sh#L213) which validate that dnss works with some of the public providers, including all the ones you mentioned (cloudflare via ip, cloudflare via domain, quad9). They're run on each commit and weekly from gitlab-ci, and I just ran them again from my workstation, and they are all passing.

So I wonder what's causing the failures for you.

Can you run dnss with `-v=3`, which enables debug logging, and paste the output here so we can debug this further?

Thank you!


@sebaxakerhtc commented on GitHub (Jul 1, 2022):

> Thanks for reporting this!
>
> There are integration tests in [`tests/external.sh`](https://github.com/albertito/dnss/blob/master/tests/external.sh#L213) which validate that dnss works with some of the public providers, including all the ones you mentioned (cloudflare via ip, cloudflare via domain, quad9). They're run on each commit and weekly from gitlab-ci, and I just ran them again from my workstation, and they are all passing.
>
> So I wonder what's causing the failures for you.
>
> Can you run dnss with `-v=3`, which enables debug logging, and paste the output here so we can debug this further?
>
> Thank you!

-v (1,2,3) do not show additional info.
Command:
`sudo dnss -enable_dns_to_https -https_upstream "https://cloudflare-dns.com/dns-query" -force_mode DoH -v 3`
Output when I try to open any website:

```
_ server.go:166      DNS listening on :53
_ server.go:134      resolver query error: POST failed: Post https://cloudflare-dns.com/dns-query: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
_ server.go:134      resolver query error: POST failed: Post https://cloudflare-dns.com/dns-query: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
_ server.go:134      resolver query error: POST failed: Post https://cloudflare-dns.com/dns-query: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
_ server.go:134      resolver query error: POST failed: Post https://cloudflare-dns.com/dns-query: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
```

@sebaxakerhtc commented on GitHub (Jul 1, 2022):

It works with only one additional option
`-fallback_domains string`
My mistake was the "dot" at the end of the domain name.
I should use `dns.quad9.net.` instead of `dns.quad9.net`
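
The trailing-dot mistake described in the comment above, as an added Go example that is not part of the thread or dnss's own code. It assumes the configured domain was compared literally against the fully qualified query name; `fqdn`, `literalMatch`, `normalizedMatch` and `route` are hypothetical names.

```go
package main

import (
	"fmt"
	"strings"
)

// fqdn lower-cases a name and ensures a trailing root dot, the form in
// which names appear in DNS questions ("dns.quad9.net.").
func fqdn(name string) string {
	return strings.TrimSuffix(strings.ToLower(strings.TrimSpace(name)), ".") + "."
}

// literalMatch compares the configured string as typed with the query name
// (assumed behaviour, shown for contrast).
func literalMatch(qname string, domains []string) bool {
	for _, d := range domains {
		if qname == d {
			return true
		}
	}
	return false
}

// normalizedMatch qualifies both sides, then accepts the domain itself or a
// name below it, matching only on a label boundary.
func normalizedMatch(qname string, domains []string) bool {
	q := fqdn(qname)
	for _, d := range domains {
		if d = fqdn(d); q == d || strings.HasSuffix(q, "."+d) {
			return true
		}
	}
	return false
}

// route sends listed names to the plain-DNS fallback, the rest to DoH.
func route(qname string, domains []string, match func(string, []string) bool) string {
	if match(qname, domains) {
		return "fallback"
	}
	return "doh"
}

func main() {
	const q = "dns.quad9.net." // constructed query name, fully qualified
	for _, cfg := range []string{"dns.quad9.net", "dns.quad9.net."} {
		fmt.Println(cfg, route(q, []string{cfg}, literalMatch), route(q, []string{cfg}, normalizedMatch))
	}
}
```

Every name that matches the list leaves the host as cleartext DNS to the fallback upstream, so the list is best kept to the DoH server's own hostname.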


@sebaxakerhtc commented on GitHub (Jul 1, 2022):

@albertito
can you explain how to use 2 IP addresses in

```
-fallback_upstream string
```

Can I use it like

```
-fallback_upstream 1.1.1.1:53 \
-fallback_upstream 1.0.0.1:53
```

? Will it work normally?
I'm a paranoiac who wants to use only my self-hosted DoT, DoH and DNS.
I don't want to use any default (google) requests. Even to request where my DoH is located.
Thank you!


@albertito commented on GitHub (Jul 2, 2022):

What version of dnss are you using? `-fallback_domains` is deprecated and hasn't been doing anything for a while. Maybe you're running an older version?

As for your latter question: only one `-fallback_upstream` value is allowed. If more than one is present, the last one will be used.

If you want to completely self-host, which is totally supported by dnss, you just need to set `-fallback_upstream` and `-https_upstream` to the servers of your choosing. dnss shouldn't contact anything else.

And you can also use dnss as the DoH server. You have to set `-enable_https_to_dns` and then the DNS server to use, and TLS certs (or `-insecure_http_server` if you're running it behind your own proxy).

I hope this helps! Thanks!


@sebaxakerhtc commented on GitHub (Jul 2, 2022):

> What version of dnss are you using?

From apt | Ubuntu 22.04

```
seba@RTX4000:~$ apt search dnss
Sorting... Done
Full Text Search... Done

dnss/jammy 0.0~git20200927.0.6aad832e-2build1 amd64
  Proxy for using DNS over HTTPS
```

> As for your latter question: only one `-fallback_upstream` value is allowed. If more than one is present, the last one will be used.

That's sad. Can you add support for a second IP? For redundancy.
If one of the servers is down, it will still work.
Even Windows has this setting LoL

@albertito commented on GitHub (Jul 2, 2022):

Ah! That would explain the issue you're seeing. The problem was fixed in commit 5567591e91 in 2021-03.

I will work with Debian folks to get that package updated. I suggest you build a newer version built from the `master` branch, then that option shouldn't be needed.

And yeah, adding an option for multiple fallbacks sounds reasonable, I will add it to the TODO list. Thanks!


@sebaxakerhtc commented on GitHub (Jul 2, 2022):

> The problem was fixed in commit [5567591](https://github.com/albertito/dnss/commit/5567591e91040ed94d13b277ba5196d142c554c1) in 2021-03.

Built master successfully with Go.
Now I see "deprecated"

> I will add it to the TODO list. Thanks!

It will be great!
Thank you so much!
