aarond10 / https_dns_proxy

A lightweight DNS-over-HTTPS proxy.
MIT License
788 stars 117 forks

To use HTTP/3 #143

Closed hadzhioglu closed 2 years ago

hadzhioglu commented 2 years ago

I can't use HTTP/3, although I compile everything correctly. I use the Padavan firmware. I run this on the router under "Run after the WAN up/down event":

### Run DNS-over-HTTPS (DoH) proxy
WAN_STATE=$1
WAN_IF=$2

wan_up() {
    WAN_IP=$(nvram get wan0_ipaddr)
    logger "WAN $WAN_IF ($WAN_IP) is UP."
    # First proxy instance: AhaDNS Blitz, listening on 127.0.0.1:65054
    doh_proxy -r "https://blitz.ahadns.com/1:4" -d -4 -a 127.0.0.1 -p 65054 -b 1.1.1.2,8.8.8.8,9.9.9.9 -q -v
    logger -t doh_proxy "Start resolving to blitz.ahadns.com"
    # Second proxy instance: RethinkDNS basic, listening on 127.0.0.1:65055
    doh_proxy2 -r "https://basic.rethinkdns.com/1:AAQCAA==" -d -4 -a 127.0.0.1 -p 65055 -b 1.1.1.2,8.8.8.8,9.9.9.9 -q -v
    logger -t doh_proxy2 "Start resolving to basic.rethinkdns.com"
}

wan_down() {
    killall -SIGHUP doh_proxy
    killall -SIGHUP doh_proxy2
    logger -t doh_proxy "Shutdown"
}

case "$WAN_STATE" in
    up)
        wan_up
        ;;
    down)
        wan_down
        ;;
esac
baranyaib90 commented 2 years ago

First check with Cloudflare (https://cloudflare-dns.com/dns-query) whether the proxy you compiled works successfully with HTTP/3. If it does, maybe blitz.ahadns.com and/or basic.rethinkdns.com does not support HTTP/3. I suggest using "-v -v -v" for debugging purposes.

ignoramous commented 2 years ago

Hi there,

rdns co-developer here.

The basic RethinkDNS resolver should (does) support h3; test: http3check.net.

Or:

curl --http3 -k -H 'accept: application/dns-message' 'https://basic.rethinkdns.com/?dns=AAABAAABAAAAAAAAA2NkbgdzZWdtZW50A2NvbQAAAQAB' -vv --output /dev/null
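The `dns=` parameter in that curl command is an RFC 8484 DoH GET query: a raw DNS wire-format message, base64url-encoded without `=` padding. The Python below is added here as a worked example; it is not part of the thread and not code from https_dns_proxy. It decodes the blob from the curl command and builds the same parameter for any name you choose, so the connectivity test can be repeated against another resolver with a query you control. The function names (`build_query`, `to_dns_param`, `parse_question`) are my own; the only value taken from the thread is the base64 string. Note that `-k` in the curl command disables certificate verification, which is acceptable for a one-off "does HTTP/3 connect" check but not for anything you then rely on.

```python
import base64
import struct

# Added example (not from the thread or from https_dns_proxy): build and decode
# the RFC 8484 "dns=" query parameter. Everything here is constructed locally;
# the only value taken from the thread is THREAD_PARAM below.

RD = 0x0100  # "recursion desired" bit in the DNS header flags

def encode_name(name: str) -> bytes:
    """Encode a hostname as DNS wire-format labels (no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name: str, qtype: int = 1, dns_id: int = 0) -> bytes:
    """Single-question DNS query. RFC 8484 recommends ID 0 for DoH GET so the
    encoded URL is identical across clients and therefore HTTP-cacheable."""
    header = struct.pack(">HHHHHH", dns_id, RD, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack(">HH", qtype, 1)  # class IN

def to_dns_param(wire: bytes) -> str:
    """base64url without '=' padding, as the dns= parameter requires."""
    return base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")

def from_dns_param(param: str) -> bytes:
    """Inverse of to_dns_param: restore the padding before decoding."""
    pad = "=" * (-len(param) % 4)
    return base64.urlsafe_b64decode(param + pad)

def parse_question(wire: bytes) -> dict:
    """Parse the header and the single question of a query. Compression
    pointers (0xC0) are rejected: they have no business in a query name."""
    if len(wire) < 12:
        raise ValueError("truncated header")
    dns_id, flags, qd, an, ns, ar = struct.unpack(">HHHHHH", wire[:12])
    if qd != 1:
        raise ValueError(f"expected one question, got {qd}")
    pos, labels = 12, []
    while True:
        if pos >= len(wire):
            raise ValueError("truncated name")
        n = wire[pos]
        if n & 0xC0:
            raise ValueError("compression pointer in query name")
        pos += 1
        if n == 0:
            break
        labels.append(wire[pos:pos + n].decode("ascii"))
        pos += n
    qtype, qclass = struct.unpack(">HH", wire[pos:pos + 4])
    return {"id": dns_id, "rd": bool(flags & RD), "name": ".".join(labels),
            "qtype": qtype, "qclass": qclass, "length": len(wire)}

# The blob from the curl command in the thread.
THREAD_PARAM = "AAABAAABAAAAAAAAA2NkbgdzZWdtZW50A2NvbQAAAQAB"

if __name__ == "__main__":
    print(parse_question(from_dns_param(THREAD_PARAM)))
    # The same parameter for a name of your own, ready to paste into the curl test:
    print("https://basic.rethinkdns.com/?dns=" + to_dns_param(build_query("example.com")))
```

Decoding the thread's blob gives a 33-byte query with ID 0, RD set, for `cdn.segment.com` type A class IN. The proxy itself takes the other RFC 8484 path: the log further down shows it sending the wire message as a POST body with `content-type: application/dns-message` (the `content-length: 49` request for ID 4E9B), which is why no `dns=` parameter appears in its own requests.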
baranyaib90 commented 2 years ago

Hi, I can also confirm: basic RethinkDNS resolver works with HTTP/3:

$ ./https_dns_proxy -4 -v -v -v -q -r https://basic.rethinkdns.com/?dns=AAABAAABAAAAAAAAA2NkbgdzZWdtZW50A2NvbQAAAQAB
[I] 1656532946.479143 main.c:219 Version 2022.04.22-6c80383
[I] 1656532946.479519 main.c:220 Built Apr 23 2022 13:02:12.
[I] 1656532946.480142 main.c:221 System c-ares: 1.15.0
[I] 1656532946.482118 main.c:222 System libcurl: libcurl/7.82.0-DEV OpenSSL/3.0.0 zlib/1.2.11 nghttp2/1.47.0 ngtcp2/0.3.1 nghttp3/0.3.0
[I] 1656532946.488940 dns_server.c:50 Listening on 127.0.0.1:5053
[D] 1656532946.489295 logging.c:39 starting periodic log flush timer
[D] 1656532946.490621 dns_poller.c:178 Nameservers count: 7
[I] 1656532946.490889 main.c:309 DNS polling initialized for 'basic.rethinkdns.com'
[D] 1656532946.491620 dns_poller.c:114 Starting DNS query
[D] 1656532946.492628 dns_poller.c:41 Reserved new io event: 0x7fffe7910ab0
[D] 1656532946.495941 dns_poller.c:126 DNS poll interval changed to: 0.697
[D] 1656532946.540954 main.c:185 Received new DNS server IP '188.114.97.13,188.114.96.13'
[D] 1656532946.542011 dns_poller.c:88 DNS poll interval changed to: 120
[D] 1656532946.542512 dns_poller.c:31 Released used io event: 0x7fffe7910ab0
[D] 1656532952.212838 main.c:113 Received request for id: 4E9B, len: 49
[D] 1656532952.213435 https_client.c:251 4E9B: Requesting HTTP/3
[D] 1656532952.214307 https_client.c:205 4E9B: * Added basic.rethinkdns.com:443:188.114.97.13,188.114.96.13 to DNS cache
[D] 1656532952.215950 https_client.c:205 4E9B: * Hostname basic.rethinkdns.com was found in DNS cache
[D] 1656532952.217346 https_client.c:77 curl opened socket: 8
[D] 1656532952.218131 https_client.c:205 4E9B: *   Trying 188.114.97.13:443...
[D] 1656532952.219729 https_client.c:205 4E9B: * Connect socket 8 over QUIC to 188.114.97.13:443
[D] 1656532952.313302 https_client.c:205 4E9B: *  CAfile: /etc/ssl/certs/ca-certificates.crt
[D] 1656532952.314058 https_client.c:205 4E9B: *  CApath: none
[D] 1656532952.316911 https_client.c:594 Reserved new io event: 0x7fffefb05f40
[D] 1656532952.395503 https_client.c:205 4E9B: *  subjectAltName: host "basic.rethinkdns.com" matched cert's "*.rethinkdns.com"
[D] 1656532952.397091 https_client.c:205 4E9B: * Verified certificate just fine
[D] 1656532952.401243 https_client.c:205 4E9B: * Connected to basic.rethinkdns.com () port 443 (#0)
[D] 1656532952.401831 https_client.c:205 4E9B: * h2h3 [:method: POST]
[D] 1656532952.402540 https_client.c:205 4E9B: * h2h3 [:path: /?dns=AAABAAABAAAAAAAAA2NkbgdzZWdtZW50A2NvbQAAAQAB]
[D] 1656532952.403815 https_client.c:205 4E9B: * h2h3 [:scheme: https]
[D] 1656532952.404281 https_client.c:205 4E9B: * h2h3 [:authority: basic.rethinkdns.com]
[D] 1656532952.404846 https_client.c:205 4E9B: * h2h3 [user-agent: https_dns_proxy/0.3]
[D] 1656532952.405380 https_client.c:205 4E9B: * h2h3 [accept: application/dns-message]
[D] 1656532952.405904 https_client.c:205 4E9B: * h2h3 [content-type: application/dns-message]
[D] 1656532952.406467 https_client.c:205 4E9B: * h2h3 [content-length: 49]
[D] 1656532952.407050 https_client.c:205 4E9B: * Using HTTP/3 Stream ID: 0 (easy handle 0x7fffe7912b00)
[D] 1656532952.408254 https_client.c:205 4E9B: > POST /?dns=AAABAAABAAAAAAAAA2NkbgdzZWdtZW50A2NvbQAAAQAB HTTP/3
[D] 1656532952.408478 https_client.c:205 4E9B: > Host: basic.rethinkdns.com
[D] 1656532952.410612 https_client.c:205 4E9B: > user-agent: https_dns_proxy/0.3
[D] 1656532952.414427 https_client.c:205 4E9B: > accept: application/dns-message
[D] 1656532952.414883 https_client.c:205 4E9B: > content-type: application/dns-message
[D] 1656532952.415554 https_client.c:205 4E9B: > content-length: 49
[D] 1656532952.416073 https_client.c:205 4E9B: * ngh3_stream_recv returns 0 bytes and EAGAIN
[D] 1656532952.416660 https_client.c:584 Released used io event: 0x7fffefb05f40
[D] 1656532952.417198 https_client.c:594 Reserved new io event: 0x7fffefb05f40
[D] 1656532952.428960 https_client.c:205 4E9B: * ngh3_stream_recv returns 0 bytes and EAGAIN
[D] 1656532952.442516 https_client.c:205 4E9B: * ngh3_stream_recv returns 0 bytes and EAGAIN
[D] 1656532952.880183 https_client.c:205 4E9B: < HTTP/3 200
[D] 1656532952.881155 https_client.c:205 4E9B: < date: Wed, 29 Jun 2022 20:01:59 GMT
[D] 1656532952.882746 https_client.c:205 4E9B: < content-type: application/dns-message
[D] 1656532952.884132 https_client.c:205 4E9B: < content-length: 149
[D] 1656532952.887653 https_client.c:205 4E9B: < accept: application/dns-message
[D] 1656532952.889746 https_client.c:205 4E9B: < x-nile-flags-dn:
[D] 1656532952.892119 https_client.c:205 4E9B: < expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
[D] 1656532952.895811 https_client.c:205 4E9B: < report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eqRThnu65p6wEtgQbICJy9Ynz99%2BUGFy4VZ12EDAgPgKQmqPxxS4PlIdyFYsSUHe5uov8J2qcGqkcfJ3Dxp83qKtHgUzPSziIqUnIiaqkQXCBnZmJpUq3r8cUB4mc4Nvbfsc282vA%3D%3D"}],"group":"cf-nel","max_age":604800}
[D] 1656532952.898466 https_client.c:205 4E9B: < nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
[D] 1656532952.899984 https_client.c:205 4E9B: < strict-transport-security: max-age=31536000; includeSubDomains
[D] 1656532952.906155 https_client.c:205 4E9B: < server: cloudflare
[D] 1656532952.910969 https_client.c:205 4E9B: < cf-ray: 723141d85f1a9247-FRA
[D] 1656532952.913302 https_client.c:205 4E9B: < alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
[D] 1656532952.915006 https_client.c:205 4E9B: * Connection #0 to host basic.rethinkdns.com left intact
[D] 1656532952.916429 https_client.c:584 Released used io event: 0x7fffefb05f40
[D] 1656532952.920917 https_client.c:341 4E9B: curl request succeeded
[D] 1656532952.925049 https_client.c:432 4E9B: CURLINFO_NUM_CONNECTS: 1
[D] 1656532952.926815 https_client.c:444 4E9B: CURLINFO_EFFECTIVE_URL: https://basic.rethinkdns.com/?dns=AAABAAABAAAAAAAAA2NkbgdzZWdtZW50A2NvbQAAAQAB
[D] 1656532952.929646 https_client.c:450 4E9B: CURLINFO_HTTP_VERSION: 3
[D] 1656532952.931151 https_client.c:479 4E9B: Times: 0.001428, 0.185397, 0.000000, 0.200196, 0.664243, 0.699175
[D] 1656532952.935569 main.c:84 Received response for id: 4E9B, len: 149
^C[I] 1656532956.341642 main.c:72 Shutting down gracefully. To force exit, send signal again.
[D] 1656532956.342227 main.c:317 loop breaked
[D] 1656532956.344168 main.c:331 re-entering loop
[D] 1656532956.345821 main.c:333 loop finished all events
[D] 1656532956.350137 https_client.c:112 curl closed socket: 8
[D] 1656532956.351034 main.c:340 loop destroyed

The problem has to be on @hadzhioglu's side.

ignoramous commented 2 years ago

Oh yeah, quite possibly QUIC is censored, or some middleware / firewall drops QUIC / drops UDP (which QUIC uses) altogether.

See also: https://github.com/kelmenhorst/quic-censorship (via: https://github.com/net4people/bbs/issues/108)