This is how I have been running chinadns for a few years:
chinadns -p 5353 -s 223.5.5.5,1.2.4.8,127.0.0.1:5300 -c /etc/chinadns_chnroute.txt -d -m
It used to be reasonably effective. Lately, I noticed that I often get poisoned DNS query results typical 404'ed things like google.com and reddit.com.
Maybe the GFW has become smarter against -m. Has anyone noticed this problem, too?
I have a feature suggestion against this. I have 3 servers, the last one being an honest one outside the GFW: If the first 2 servers (those within the GFW) return results that are in different networks, assume that they are lying and take the result from the last server. I'm guessing from observation that it is inconvenient for the two liars to collude and tell the same lie when they decide to lie.
This is how I have been running chinadns for a few years:
chinadns -p 5353 -s 223.5.5.5,1.2.4.8,127.0.0.1:5300 -c /etc/chinadns_chnroute.txt -d -mIt used to be reasonably effective. Lately, I noticed that I often get poisoned DNS query results typical 404'ed things like google.com and reddit.com.
Maybe the GFW has become smarter against
-m. Has anyone noticed this problem, too?I have a feature suggestion against this. I have 3 servers, the last one being an honest one outside the GFW: If the first 2 servers (those within the GFW) return results that are in different networks, assume that they are lying and take the result from the last server. I'm guessing from observation that it is inconvenient for the two liars to collude and tell the same lie when they decide to lie.