Generalize to be used by DNS client

[hannesm]

As of now, usually a host (with a dual stack) has several configuration options: DHCP / DHCPv6 (for IPv4/IPv6 addresses of the nameserver), plus /etc/resolv.conf (listing nameservers as IP addresses). Now, with the rise of DNS-over-TLS, the configuration is slightly more tricky:

• DNS via UDP
• DNS via TCP
• DNS via TLS

And all these three transports for each nameserver. Furthermore, https://datatracker.ietf.org/doc/html/rfc8310#section-6 recommends opportunistic privacy: why not use TLS if available (even without authentication).

So, a DNS client should (incomplete, since DTLS may be another option -- also leaving aside that configuration may be a hostname (bootstrapping issue, since that hostname needs to be resolved)):

• attempt to connect to IPv4/IPv6 nameserver via TLS (on port 853)
• attempt to connect to IPv4/IPv6 nameserver via TCP (on port 53)
• attempt to connect to IPv4/IPv6 nameserver via UDP (on port 53)

And which nameserver and transport to use should be figured out automatically by a mechanism such as happy eyeballs. To avoid dependency cycles, the core of happy-eyeballs needs to be independent of dns(-client). This also means we need separate opam packages for happy-eyeballs, happy-eyeballs-lwt, happy-eyeballs-mirage.

[hannesm]

The main task here is to figure out a reasonable (alternative?) API - at the moment: connect takes a hostname. The new API should take a (list of) Ipaddr and port numbers (& protocols?), and may reflect in its result type that the resolve action will not be invoked (but that may as well be left for the future).