ustclug / neatdns Goto Github PK
View Code? Open in Web Editor NEWanti-pollution DNS server
License: MIT License
neatdns's People
Contributors
Stargazers
Watchers
Forkers
seyrenus product-think2049 jamesits pixelorz codexss fqtools nealscarffery itplanes lijieweb443 lfyg cheaven lonelylose yanzhaowu rwdrqp hkbase aenon codebase-cn i2like jn7163 0n3la57k155 shirasama shirakun punizione kiterepo tuchang wujcheng proffan kevinkingdomviva thomaslovell reechang w796933 hcm82 skyformat99 kun1230 sbhnet antewu kaixinzheng blacktouma ffha i201821180 hank9999neatdns's Issues
近日google ads 相关域名及gstatic.com 和googleapis.com具有国内节点的相关域名会解析到新加坡google节点
具体一点来讲,10次解析可能有8次解析到国外的节点。。
原因应该是这部分域名未分流至国内的上游DNS解析,所以导致了此情况。
(也有可能是上游的DNS故障?)
Public resolver?
Hi,
And good job on NeatDNS!
I was just wondering if you had a public running DNSCrypt instance (that forwards to servers in mainland China for chinese domains, and servers outside mainland China for non-chinese domains)?
If you do, maybe you can add it to https://github.com/DNSCrypt/dnscrypt-resolvers ?
Cannot resolve {ftp,www}.gnu.org
$ dig @202.141.162.123 ftp.gnu.org
; <<>> DiG 9.12.0 <<>> @202.141.162.123 ftp.gnu.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1405
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ftp.gnu.org. IN A
;; Query time: 3023 msec
;; SERVER: 202.141.162.123#53(202.141.162.123)
;; WHEN: Sun Feb 25 15:50:50 CST 2018
;; MSG SIZE rcvd: 40
$ dig @202.141.162.123 www.gnu.org
; <<>> DiG 9.12.0 <<>> @202.141.162.123 www.gnu.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 33266
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.gnu.org. IN A
;; Query time: 3006 msec
;; SERVER: 202.141.162.123#53(202.141.162.123)
;; WHEN: Sun Feb 25 15:50:56 CST 2018
;; MSG SIZE rcvd: 40
$ dig @202.141.162.123 forums.freebsd.org
; <<>> DiG 9.12.0 <<>> @202.141.162.123 forums.freebsd.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 59057
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;forums.freebsd.org. IN A
;; Query time: 3006 msec
;; SERVER: 202.141.162.123#53(202.141.162.123)
;; WHEN: Sun Feb 25 15:52:37 CST 2018
;; MSG SIZE rcvd: 47
[Usage] DONT support dnscrypt-proxy 2
client: https://github.com/jedisct1/dnscrypt-proxy
DNS Stamp Generate by https://dnscrypt.info/stamps
dnscrypt:sdns://AQcAAAAAAAAAEzIwMi4xNDEuMTYyLjEyMzo0NDMgQ2UVh-egjHwXWdMAYhiJrlmZQspWLssAA-UhR6hQ4ZEbMi5kbnNjcnlwdC1jZXJ0LmV4YW1wbGUub3Jn
doh: sdns://AgcAAAAAAAAADzIwMi4xNDEuMTYyLjEyMwATbmVhdGRucy51c3RjbHVnLm9yZwgvcmVzb2x2ZQ
All timeout
named忽略了forwarder响应中CNAME名字关联的A记录
以www.huawei.com为例,CHINA_DNS1返回它的CNAME,直至解析到A记录。A记录中的地址指向国内
但是named的默认行为只取其中直接相关的CNAME,再根据zone配置继续查询,最终的效果是解析出的地址为国外地址,并且解析响应时较长
在neatdns的应用场景下,应该允许直接返回CHINA_DNS1的结果吧,像dnsmasq那样?
20:44:43.502289 IP 172.17.0.1.56625 > 172.17.0.7.53: 59570+ [1au] A? www.huawei.com. (43)
20:44:43.504004 IP 172.17.0.7.42238 > x.x.x.x.53: 18241+ A? www.huawei.com. (32)
20:44:43.506888 IP x.x.x.x.53 > 172.17.0.7.42238: 18241 4/0/0 CNAME www.huawei.com.akadns.net., CNAME www.huawei.com.lxdns.com., A 60.222.221.125, A 111.206.186.250 (138)
20:44:43.508651 IP 172.17.0.7.55259 > 8.8.4.4.53: 52641+% [1au] A? www.huawei.com.akadns.net. (66)
20:44:43.653994 IP 8.8.4.4.53 > 172.17.0.7.55259: 52641 3/0/1 CNAME ion-sslv6.huawei.com.edgekey.net., CNAME e10173.dsca.akamaiedge.net., A 184.51.184.239 (150)
20:44:43.655605 IP 172.17.0.7.34264 > 8.8.4.4.53: 51105+% [1au] A? ion-sslv6.huawei.com.edgekey.net. (73)
20:44:43.719259 IP 8.8.4.4.53 > 172.17.0.7.34264: 51105 2/0/1 CNAME e10173.dsca.akamaiedge.net., A 184.51.184.239 (114)
20:44:43.721277 IP 172.17.0.7.48331 > 8.8.4.4.53: 13692+% [1au] A? e10173.dsca.akamaiedge.net. (67)
20:44:43.787276 IP 8.8.4.4.53 > 172.17.0.7.48331: 13692 1/0/1 A 184.51.184.239 (71)
20:44:43.788431 IP 172.17.0.7.53 > 172.17.0.1.56625: 59570 4/0/1 CNAME www.huawei.com.akadns.net., CNAME ion-sslv6.huawei.com.edgekey.net., CNAME e10173.dsca.akamaiedge.net., A 184.51.184.239 (184)
Current dnscrypt-wrapper deprecated '--show-provider-publickey-fingerprint' command
When I run the 'pre-run' command manually in the container, it worked like below.
bash-4.4# dnscrypt-wrapper --show-provider-publickey-fingerprint --provider-publickey-file public.key > fingerprint
error: unknown option `--show-provider-publickey-fingerprint`
请问neatDNS支持DOT吗,如果有DOT地址应该填什么呢
安卓9只支持DOT。。
在树莓派3上面不能正常编译
在树莓派3上面不能正常编译,上面时候能够适配arm平台?
Sending build context to Docker daemon 45.06kB
Step 1/4 : FROM smartentry/alpine:3.6-0.4.0
---> fd6124af5993
Step 2/4 : MAINTAINER Yifan Gao [email protected]
---> Using cache
---> 46a3ad3d5611
Step 3/4 : ADD .docker $ASSETS_DIR
---> Using cache
---> f655863d765f
Step 4/4 : RUN smartentry.sh build
---> Running in 3ea06503dc34
standard_init_linux.go:190: exec user process caused "exec format error"
The command '/bin/sh -c smartentry.sh build' returned a non-zero code:
该DNS服务器能做到国内外分流吗
国内服务器解析到国内的DNS,国外的解析到国外
services.googleapis.cn的解析问题
默认情况下,services.googleapis.cn是解析到国内的IP,并且如果EDNS为国内IP段的话,Google DNS也是解析到国内的IP,这就带来了一个问题,因为在某些国内Android手机中的Play Store的相关功能会请求该域名,如果解析至国内的IP,则会出现404错误,所以我建议对此域名作特殊处理。
增加几个环境变量吧
比如国内外的上游dns服务器,现在我看配置文件里国内用的合肥的,国外用的google的,想换就得从新构建
顺便,看里面有dnscrypt的相关配置,问下dnscrypt的证书哪里设置的
水平渣,看不懂
DNS似乎再次被污染!?
λ nslookup www.dropbox.com 202.141.162.123
服务器: lug.ustc.edu.cn
Address: 202.141.162.123
非权威应答:
名称: www.dropbox.com
Address: 64.13.192.76
λ nslookup -vc www.dropbox.com 202.141.162.123
服务器: lug.ustc.edu.cn
Address: 202.141.162.123
非权威应答:
名称: www.dropbox-dns.com
Addresses: 2620💯6032:1::a27d:5201
67.228.102.32
Aliases: www.dropbox.com
多次NSLOOKUP,发现时常会被污染!
该项目和chinadns相比,解决了什么问题?
比起chinadns项目,性能如何?有哪些新的特性??
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.