Closed KujouRinka closed 7 months ago
That's weird, I'll test it tomorrow. I don't think it has anything to do with how many IPs it has in DNS though, as the blocking is done at the HTTP/HTTPS protocol level, not DNS.
Do you know what protocol Chrome uses when it becomes accessible? Is it possible that it uses QUIC (which we don't support at the moment)?
I saw that you mentioned this also happens with curl. Can you provide some info on how to reproduce this with curl?
Run curl 'https://www.bilibili.com'
, and wait a while, we can see some response on terminal.
I try to wireshark it, attched file shows all packet it captured during this command runing and show response.
I use this to filter some packet: !((ip.src == 172.16.0.0/12 || ip.src == 10.0.0.0/8 || ip.src == 192.168.0.0/16) && (ip.dst == 192.168.0.0/16 || ip.dst == 172.16.0.0/12 || ip.dst == 10.0.0.0/8))
I forgot to attach my config.yaml:
io:
queueSize: 1024
local: true
workers:
count: 4
queueSize: 16
tcpMaxBufferedPagesTotal: 4096
tcpMaxBufferedPagesPerConn: 64
udpMaxStreams: 4096
Packet of No.30 is HelloClient with sni=www.bilibili.com
. Before this packet was captured, curl command is blocking. But after it shows, connection established and data start to transfer.
I did't filter udp packet, DNS query at begining is all udp packets I captured.
Can you see if this commit fixes it for you? a2475d3
It has been fixed! Thanks for your help!
My Enviroment
Config File
What happeded
https://www.csdn.net
has been blocked properly, whilehttps://www.bilibili.com
cannot.Concretely, when visiting
bilibili
throughhttps://www.bilibili.com
in Chrome, the page is not accessible. But while web browser keeping trying to reconnect automatically, there's high possibility that the page will be loaded successfully. And after that, due to http long connection has benn established, all the followed-up operations will not be interrupted.I found this happened on my:
Moreover, this problem only happened when domain name holding IP addresses more than one. For example, I query DNS record for
bilibili.com
andcsdn.net
:The result is that
csdn
can be blocked properly, while former cannot. I am not sure whether there is some relation between this bug and DNS record. But I think it's worth to mention.