Open rampageX opened 3 years ago
Bug! Thanks for reporting it.
I'll have to document it in the man page.
dig attaches to the query a DNS cookie in the "additional" section of the packet. We filter out and drop such requests, and we let through only regular queries generated by regular applications. We also drop anything else but A and AAAA requests, so most of the request options dig provides will be filtered out.
When using dig from behind fdns, send the query to a specific server using @server-ip-address on the command line. This way you bypass fdns. For example:
$ dig @9.9.9.9 debian.org
just to remember to document it!
i use dig
to test the setup, so a @... is exactly not what i want to do... ;)
do you know a way to tell dig to do request that fdns
would not filter out? maybe that should be documented as well?
its not only dig that does it, go seems to suffer from that too:
main.go:29:2: maunium.net/go/mauflag@v1.0.0: Get "https://proxy.golang.org/maunium.net/go/mauflag/@v/v1.0.0.zip": dial tcp: lookup proxy.golang.org on 127.0.0.1:53: read udp 127.0.0.1:48660->127.0.0.1:53: i/o timeout
(with corresponding logs from fdns). why does fdns drop such requests?
I test
fdns
on my VM debian 10.fdns
build and run with no error, but when i test it withdig
, it's always failed with error: "Error LANrx: invalid DNS section counts: 1 0 0 1, dropped"Input: dig @127.1.1.1 twitter.com
Log:
BTW: Can we manually specified the
listen ip:port
and fallback dns server'sIP:PORT
?