Closed ahsandar closed 3 weeks ago
Also I want to use DoH ideally but can't find how to have it setup. Are thre any guides for setting it up ?
Currently DoH is only supported in by builtin DNS configurations, like cloudflare_https
.
I have shadowsocks-rust ssserver and Pihole setup as 2 containers using docker-compose. I have tried putting the pihole IP in config.json under dns and also tried pasing it using --dns but seems the requests don't go to Pihole for resolution. Am i missing something ?
You may try to add -vvv
and see whether --dns
have already set the expected IPs into the DNS resolver. If they were set as expected, queries will be sent to those IPs. You should double check the destination IP and see what exactly happening.
I can see below in my logs after adding -vvv
. Seems the Ip is being picked by ssserver. So I have a quesiton when I use the shadowsocks android app it asks for Remote DNS address and uses that for resolving the domains so the dns server on ssserver is not used. Also I tried with the outline app over there as well it didn't seem to have the queries resolved using the dns from ssserver.
shadowsocks::dns_resolver::hickory_dns_resolver: /root/shadowsocks-rust/crates/shadowsocks/src/dns_
resolver/hickory_dns_resolver.rs:127: initializing DNS resolver with config ResolverConfig { domain: None, search: [], name_servers: NameServerConfigGroup([NameServerConfig { socket_addr: 10.0.3.3:53, protocol: U
dp, tls_dns_name: None, trust_negative_responses: true, tls_config: None, bind_addr: None }, NameServerConfig { socket_addr: 10.0.3.3:53, protocol: Tcp, tls_dns_name: None, trust_negative_responses: true, tls_con
fig: None, bind_addr: None }], None) } opts ResolverOpts { ndots: 1, timeout: 5s, attempts: 2, rotate: false, check_names: true, edns0: true, validate: false, ip_strategy: Ipv4AndIpv6, cache_size: 32, use_hosts_f
ile: true, positive_min_ttl: None, negative_min_ttl: None, positive_max_ttl: None, negative_max_ttl: None, num_concurrent_reqs: 2, preserve_intermediates: true, try_tcp_on_error: false, server_ordering_strategy:
QueryStatistics, recursion_desired: true, authentic_data: false, shuffle_dns_servers: false }
hickory_resolver::async_resolver: /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/hi
ckory-resolver-0.24.1/src/async_resolver.rs:222: handle passed back
So I have a quesiton when I use the shadowsocks android app it asks for Remote DNS address and uses that for resolving the domains so the dns server on ssserver is not used.
Of course.. The dns
is only applied to the current process, which is ssserver
in your case. There is nothing related to your Android App.
so whats the use of dns on ssserver when all queries are resolved on the client ?
ssserver needs to resolve the target domain name for connecting. Domain names resolved on client is just your Android App's implementation specific feature.
I can understand if Pihole returns a block for a certain domain and shadowssocks client uses a local domain to bypass as a fallback but why are there no dns queries on the pihole from ssserver ?
shadowsocks' protocol supports client (sslocal) to send domain names directly to server (ssserver), so ssserver requires DNS resolution.
I have no idea what Pihole is, you may need to look into deeper in your own environment.
I have shadowsocks-rust ssserver and Pihole setup as 2 containers using docker-compose. I have tried putting the pihole IP in config.json under dns and also tried pasing it using --dns but seems the requests don't go to Pihole for resolution. Am i missing something ? Also I want to use DoH ideally but can't find how to have it setup. Are thre any guides for setting it up ?