0xERR0R / blocky

Fast and lightweight DNS proxy as ad-blocker for local network with many features
https://0xERR0R.github.io/blocky/
Apache License 2.0
4.43k stars 199 forks

[Feature Request] Support serving DoQ / DoH over HTTP3 #650

Open PeterDaveHello opened 1 year ago

PeterDaveHello commented 1 year ago

The current implementation doesn't offer HTTP3 on the DoH server

PeterDaveHello commented 1 year ago

Oh I mean http3 😅

PeterDaveHello commented 1 year ago

Maybe we can use https://github.com/lucas-clemente/quic-go ?

kwitsch commented 1 year ago

Looks promising as it may also resolve the DoQ request. Searched for an integration in miekg/dns and found a repo utilizing both libraries. It seems a bit early stage though.

ThinkChaos commented 8 months ago

I have a local branch where I started work on this using the lib linked above, which has been renamed/moved to https://github.com/quic-go/quic-go.
Status: the config is updated and the blocky server creates the listeners + QUIC server, but I couldn't get actual requests to work.

When I tried working on this (late July), the DoQ client state wasn't great, so that was an extra hurdle. I was testing using Knot's kdig but was hitting issues with it, so I ended up needing to debug some C code, got tired of that, and shelved it :smile:
I'm sure the situation has improved though, so I might give it another shot at some point.

Another good source for inspiration is AdGuardHome: https://github.com/AdguardTeam/AdGuardHome/blob/v0.108.0-b.49/internal/home/web.go#L290

mschirrmeister commented 3 months ago

Are DoH3 and DoQ still on the todo list, or maybe even actively worked on? I would really love to see support for these 2 protocols in Blocky. With support for these 2, I (maybe others as well) would be able to use only 1 DNS server software and not chain multiple together.

Right now I do Client --> Blocky --> RouteDNS or AdguardHome --> upstream resolver. The reason for this is, both RouteDNS and AdguardHome support DoH3 and DoQ. In my case they don't do any DNS manipulation, purely forwarding to a bunch of upstream resolvers via DoH, DoT, DoH3 and DoQ.

RouteDNS is also written in Go and leverages the quic-go package.

Another tool that uses quic-go is the dns client q.

RouteDNS or q work very stable for me, so I think quic-go is really mature.

In theory I could remove Blocky from the chain, and let RouteDNS do the DNS blocking, but RouteDNS does not have metrics available in the way I need to consume them. https://github.com/folbricht/routedns/issues/375 The ideal solution is to have Blocky for everything. 😄

ThinkChaos commented 3 months ago

Definitely still on the todo list, but not being worked on actively ATM.