Closed liang-hiwin closed 3 years ago
Thanks for the feedback. It seems there is a network connectivity issue so the DNS server is unable to resolve names.
Use DNS Client to query directly to the forwarder that you are using or, if no forwarder is configured, use the "Recursive Query" option as server. This test will tell if the DNS server can reach the forwarder or the name servers.
The DOH transponder I configured works normally. But it seems to have no effect in the DnsServer program.
From the logs, you have it configured with HttpsJson protocol. That could be the reason, since most DoH servers support only the Https wire format protocol and only a few support the json format protocol.
Do try querying the forwarder directly from DNS Client and confirm if it's working.
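The difference between the two DoH request formats mentioned in the comment above, as an added example that is not part of the original thread or of the DNS server's code. It builds both requests offline; the endpoint `https://doh.example/dns-query` is a constructed placeholder, and the function names are chosen for this example.

```python
import base64
import struct
from urllib.parse import urlencode

QTYPES = {"A": 1, "AAAA": 28}


def build_query(name, qtype="A", txid=0):
    """Encode a single-question DNS query in wire format (RFC 1035)."""
    # Header: ID, flags with RD set, QDCOUNT=1, other counts 0.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", QTYPES[qtype], 1)  # class IN


def doh_wire_request(endpoint, name, qtype="A"):
    """RFC 8484 GET: wire-format query, base64url without padding, in ?dns=."""
    raw = build_query(name, qtype)
    dns = base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={dns}", {"Accept": "application/dns-message"}


def doh_json_request(endpoint, name, qtype="A"):
    """JSON style: the question travels as plain name/type parameters."""
    query = urlencode({"name": name, "type": qtype})
    return f"{endpoint}?{query}", {"Accept": "application/dns-json"}


def response_format(content_type):
    """Tell from a response's Content-Type which DoH flavour answered."""
    media = content_type.split(";")[0].strip().lower()
    if media == "application/dns-message":
        return "wire"
    if media in ("application/dns-json", "application/json"):
        return "json"
    return "not-doh"  # e.g. an HTML error page from a wire-only endpoint


if __name__ == "__main__":
    endpoint = "https://doh.example/dns-query"  # constructed placeholder
    print(doh_wire_request(endpoint, "www.example.com"))
    print(doh_json_request(endpoint, "www.example.com"))
```

A forwarder that only speaks the wire format will not return a JSON answer to the second request, which is the mismatch the comment describes.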
It seems that the ip of the doh domain name I configured cannot be resolved and the dns fails. Do I need to add ip after doh? For example: https://dns.google/dns-query(8.8.8.8);
ya it's best to add IP after the URL ends. The syntax is to add `<space>` and then put the IP address in round brackets,
## doh cannot be used. dot is normal
error dns https://www.114dns.com/
Use Google DoT then if that is working.
I don't know anything about the other IP addresses that you are trying to use as forwarders so I cannot tell anything about them not working.
Basically, if you can query any server via the DNS Client then you can use it as forwarder. If the forwarder you wish to use does not work then it's a network connectivity issue for which nothing can be done from my end.
The video I recorded has been sent to your mailbox, please check it out.
I saw the video and it seems you are really confused:
When you set a forwarder in the DNS server, to test it from DNS Client you must select "This Server" and then query. What you are doing is just changing the forwarder in settings and in DNS Client querying some other server and thinking that the response came from the local DNS server.
When you query "This Server" for google.com once and then change the forwarder in settings and then query "This Server" again for google.com then the response you get comes from the cache. It's not coming from the new forwarder. You need to flush the cache if you change the forwarder and then query This Server to test.
Instead of changing forwarders frequently and testing via DNS Client, you must test the server you want to use as forwarder by querying via DNS Client. If you can query the server via DNS Client and are getting a suitable response then you go and set it as forwarder in settings.
I just tested the DoH endpoint you are trying to configure and it's working well here. Just query to <removed> as the server in DNS Client with protocol set to Http and it should work. If it's working then set the complete string as the forwarder in settings with DNS-over-HTTPS protocol and it will work since it worked when you queried with DNS Client.
Another thing from the video:
The DNS server does not support `tls://server:port` type URL syntax for DoT so it won't work at all. You need to use `<domain>:<port>` and use TLS protocol. Optionally you can add the IP address to avoid resolution so the TLS server becomes `<domain>:<port> (<ip-address>)`.
There is a "Name server returned error. DNS RCODE: ServerFailure (2); Name server: desktop-tang:53 (127.0.0.1:53)" error in your logs as well as in the video. This indicates that the DNS server is trying to query `desktop-tang:53 (127.0.0.1:53)`, which is itself, and thus not getting any response. Check if you have configured any zone as conditional forwarder that could affect the resolution process.
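A small checker for the forwarder address syntax as it is described in this thread (`<address> (<ip>)`, and `<domain>:<port>` rather than a `tls://` URL for DoT), added here as an example; it is not the DNS server's own parser. The protocol labels `"https"` and `"tls"`, the function name, and the sample hosts `doh.example`, `dot.example` and `192.0.2.53` are assumptions made for the example.

```python
import ipaddress
import re

# "<address> (<ip>)": the address has no whitespace, the IP is in round brackets.
_WITH_IP = re.compile(r"(\S+?)(\s*)\(([^()]*)\)")


def check_forwarder(entry, protocol):
    """Return (address, ip, findings) for one forwarder string.

    protocol is "https" or "tls" (labels chosen for this example).
    """
    entry = entry.strip()
    findings = []
    match = _WITH_IP.fullmatch(entry)
    if match:
        address, gap, ip = match.groups()
        if gap == "":
            findings.append("no space between the address and '('")
        try:
            ip = str(ipaddress.ip_address(ip.strip()))
        except ValueError:
            findings.append(f"'{ip}' is not an IP address")
            ip = None
    else:
        address, ip = entry, None
        if "(" in entry or ")" in entry or " " in entry:
            findings.append("cannot parse as '<address> (<ip>)'")
        else:
            findings.append("no IP given: the host name must resolve first")

    if protocol == "tls" and "://" in address:
        findings.append("URL syntax is not supported for DoT; use <domain>:<port>")
    if protocol == "https" and not address.startswith("https://"):
        findings.append("DoH forwarder must be an https:// URL")
    return address, ip, findings


if __name__ == "__main__":
    samples = [  # constructed entries
        ("https://doh.example/dns-query (192.0.2.53)", "https"),
        ("https://doh.example/dns-query(192.0.2.53)", "https"),
        ("tls://dot.example:853", "tls"),
        ("dot.example:853 (192.0.2.53)", "tls"),
    ]
    for entry, protocol in samples:
        print(entry, "->", check_forwarder(entry, protocol))
```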
I am not sure why it's not working there. But, it does work and you can test it using the dnsclient.net hosted tool here: https://dnsclient.net/
Since you tested this on another command line tool and it was working there, you can install the Wireshark tool on your system and see what IP address the command line tool is sending the request to. You won't see the request since it's encrypted but you will see the IP address and then use the same IP address.
I can't find the reason for windows. I switch Raspberry Pi to try
Raspberry Pi is used normally, I'm about to cry
Good to know it's working at least on your Pi.
thank you
welcome :)
Can you help me delete the DOH address mentioned in this discussion! I'm afraid of being vandalized!
@ShreyasZare
done