Open Night1 opened 4 years ago
@Night1 Amazing that after all this time this isn't documented but I run dual ipv6 and ipv4 using
--proxy-dns-address="::1"
I believe the following should work:
CLOUDFLARED_OPTS= --proxy-dns-address=::1 --port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
My comment https://github.com/cloudflare/cloudflared/issues/73#issuecomment-462542558 points to the original source. I guess I should create a documentation PR.
--proxy-dns-address="::1"
Hmm tested it looked like it worked for a while but looked closer and turned out i still have to run it dual stack by having two instances running one for v4 and one v6.
> @pi:/etc/default# cloudflared proxy-dns --port 5053 --address "::1" -upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
> INFO[0000] Adding DNS upstream url="https://1.1.1.1/dns-query"
> INFO[0000] Adding DNS upstream url="https://1.0.0.1/dns-query"
> INFO[0000] Starting metrics server addr="127.0.0.1:44277"
> INFO[0000] Starting DNS over HTTPS proxy server addr="dns://[::1]:5053"
joing proxy-dns-address is invalid :) "proxy dns" is the operator while --address are options for proxy-dns. However you did give me the hints needed. To get it working on both v4 and v6, was not "::1" but "::"
cloudflared proxy-dns --port 5053 --address :: -upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
Thank you.
`pi:/home/pi# cloudflared proxy-dns --port 5053 --address "::" -upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
INFO[0000] Adding DNS upstream url="https://1.1.1.1/dns-query"
INFO[0000] Adding DNS upstream url="https://1.0.0.1/dns-query"
INFO[0000] Starting metrics server addr="127.0.0.1:40629"
INFO[0000] Starting DNS over HTTPS proxy server addr="dns://[::]:5053"`
Adding IPv6 to upstream results in:
pi:/home/pi# cloudflared proxy-dns --port 5053 --address "::" --upstream https://[2606:4700:4700::1111]/dns-query
INFO[0000] Adding DNS upstream url="https://[2606:4700:4700::1111]/dns-query"
INFO[0000] Starting metrics server addr="127.0.0.1:43363"
INFO[0000] Starting DNS over HTTPS proxy server addr="dns://[::]:5053"
ERRO[0003] failed to connect to an HTTPS backend "https://[2606:4700:4700::1111]/dns-query" error="returned status code 403"
ERRO[0003] failed to connect to an HTTPS backend "https://[2606:4700:4700::1111]/dns-query" error="returned status code 403"
So cloudflare is blocking lookups over IPv6 for DoH.
@Night1 Did you get it working finally? Is DNS lookup on IPv6 still not supported by Cloudflare?
For context, I tried:
cloudflared proxy-dns --address :: --port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query --upstream https://[2606:4700:4700::1111]/dns-query--upstream https://[2606:4700:4700::1001]/dns-query
The log I get:
Mar 11 20:52:30 raspberrypi systemd[1]: Started cloudflared DNS over HTTPS proxy.
Mar 11 20:52:30 raspberrypi cloudflared[6449]: 2023-03-11T20:52:30Z INF Adding DNS upstream url=https://1.1.1.1/dns-query
Mar 11 20:52:30 raspberrypi cloudflared[6449]: 2023-03-11T20:52:30Z INF Adding DNS upstream url=https://1.0.0.1/dns-query
Mar 11 20:52:30 raspberrypi cloudflared[6449]: 2023-03-11T20:52:30Z INF Adding DNS upstream url=https://[2606:4700:4700::1111]/dns-query
Mar 11 20:52:30 raspberrypi cloudflared[6449]: 2023-03-11T20:52:30Z INF Starting metrics server on 127.0.0.1:37517/metrics
Mar 11 20:52:30 raspberrypi cloudflared[6449]: 2023-03-11T20:52:30Z INF Adding DNS upstream url=https://[2606:4700:4700::1001]/dns-query
Mar 11 20:52:30 raspberrypi cloudflared[6449]: 2023-03-11T20:52:30Z INF Starting DNS over HTTPS proxy server address=dns://[::]:5053
However, when visiting https://1.1.1.1/help, I still get: | Connectivity to Resolver IP Addresses | |
---|---|---|
1.1.1.1 | Yes | |
1.0.0.1 | Yes | |
2606:4700:4700::1111 | No | |
2606:4700:4700::1001 | No |
I moved ISP new ISP does give me 2.5gigabit internet but not IPv6... anyways with AdGuard Home you can set up DoH + DoT nativiley.
Hey.
I'm trying to bind to both IPv6 and IPv4 at the same time, but can only get one and one work for a DoH proxy thatt is connected from pihole
For IPv4
CLOUDFLARED_OPTS= --port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
For IPv6CLOUDFLARED_OPTS= --address ::1 --port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
Tried bothCLOUDFLARED_OPTS= --address ::1 127.0.0.1 --port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
and
CLOUDFLARED_OPTS= --address ::1 --address 127.0.0.1 --port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query
None of them work it there some other config that will do this? normally ::1 should cover both but in this case when I do a dig @::1 -p 5053 works but dig @127.0.0.1 -p 5053 only IPv6 gives a response.
Using cloudflared version 2019.11.0 (built 2019-11-07-1631 UTC)
workaround is to start two instances or cloudflared one for each protocol.