ameshkov
commented
5 years ago The problem might be that we send GET requests, and this resolver accepts POST only.
Closed gontazaka closed 5 years ago
ameshkov
commented
5 years ago The problem might be that we send GET requests, and this resolver accepts POST only.
gontazaka
commented
5 years ago If the GET request is the cause, it is considered to be a problem on the DoH server side.
RFC8484 https://tools.ietf.org/html/rfc8484
4.1. The HTTP Request DoH servers MUST implement both the POST and GET methods.
ameshkov
commented
5 years ago Yeah, it is.
Btw, if you want to quickly test a resolver, I'd suggest using https://github.com/ameshkov/dnslookup
gontazaka
commented
5 years ago Thanks for the nice utility. :+1:
I tried to verify with some domain names. Can't find regularity. The result is strange. I'll try to contact the service provider.
| Domain name | Request URL |
|---|---|
| "www.example.com." | https://public.dns.iij.jp/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB |
| "iij.jp." | https://public.dns.iij.jp/dns-query?dns=14EBAAABAAAAAAAAA2lpagJqcAAAAQAB |
| "www.adguard.com." | https://public.dns.iij.jp/dns-query?dns=gboBAAABAAAAAAAAA3d3dwdhZGd1YXJkA2NvbQAAAQAB |
| "www.bing.com." | https://public.dns.iij.jp/dns-query?dns=DdABAAABAAAAAAAAA3d3dwRiaW5nA2NvbQAAAQAB |
gontazaka
commented
5 years ago Contact an engineer at IIJ and the problem has been fixed. It is not a bug of dnsproxy.
I have confirmed that it works with "AdGuard for Android" and "AdGuard Home".
Thank you for your help.
HTTP response code 400 is returned, when the following DoH service is specified as upstream.
https://public.dns.iij.jp/dns-queryDoT is fine.
tls://public.dns.iij.jpThe DNS service is a beta service by a corporation [Internet Initiative Japan Inc.].
se. https://public.dns.iij.jp/
*There seems to be no English page available
Steps to reproduce
dnsproxy.exe -v -o dnsproxy.log -u https://public.dns.iij.jp/dns-query -p 10053and query for "adguard.com"
Actual behavior
See attached log. dnsproxy.log
Your environment