socketry / async-dns

An asynchronous DNS resolver and server.
MIT License
96 stars 14 forks

AsyncDNS as forwarder? #11

Closed kuronae12 closed 5 years ago

kuronae12 commented 5 years ago

Hey, first of all I gotta say that I truly love your work, nice job!

I'm looking to do a filter service based on request IP. With a ruleset that I have, look up the rules for that request IP and determine if it should be allowed; if allowed, pass through to a forwarding AsyncDNS server; if not, serve back an IP for a blocked page.

Question: Is there a way to use AsyncDNS as a forwarder server? What I'm looking for is to have multiple AsyncDNS servers listening on different ports, and have one more listening on port 53; this last one will use round-robin, for example, but it can be any strategy, to forward the request to one of the servers listening on another port.

But the problem for me is that the passthrough method is working as a resolver; also, the packet from the resolver is using localhost to resolve and to send the packets to the other servers, so the original request IP address is lost.

I found that `Async::IO::Socket` can define a `local_address`, but it tries to bind to that address to generate the packet, and there's no way to spoof the IP address because it raises `Errno::EADDRNOTAVAIL`, since the server obviously has no interface with that address.

Is there a way to do what I'm looking for? Maybe if I override the `socket.bind(local_address.to_sockaddr)` call so it doesn't try to bind to an IP address from a local interface; is there a way to bypass that?

Thanks, let me know if I explained myself.
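The filtering described in the question (look up the client IP in a ruleset, forward allowed clients to one of several upstream servers round-robin, answer blocked clients with a block-page IP) can be decided entirely in the front server, which is the one place that still sees the original client address; nothing about the client IP then needs to travel to the upstreams. The following is an added illustration of that decision logic, not code from async-dns or from the issue author. It uses only Ruby's standard library: the ruleset, the block-page address `192.0.2.10` and the upstream list `127.0.0.1:5301`/`5302` are constructed sample values, and the comments describing how it would plug into a server's `process` hook are an assumption about the integration, not part of this block.

```ruby
require 'ipaddr'

# Constructed ruleset: first matching prefix wins, so more specific entries go first.
# An action is either :allow (forward to an upstream) or the IP to answer with
# for the block page (a constructed sample sinkhole address).
BLOCK_PAGE_IP = "192.0.2.10".freeze
RULES = [
  [IPAddr.new("10.0.5.0/24"),    BLOCK_PAGE_IP],  # one blocked subnet inside an allowed /8
  [IPAddr.new("10.0.0.0/8"),     :allow],
  [IPAddr.new("192.168.1.42"),   BLOCK_PAGE_IP],  # a single blocked host
  [IPAddr.new("192.168.0.0/16"), :allow],
].freeze

# Clients that match no rule (or send an unparsable address) fail closed to the block page.
def policy_for(client_ip, rules = RULES, default = BLOCK_PAGE_IP)
  ip = IPAddr.new(client_ip)
  rules.each do |prefix, action|
    return action if prefix.include?(ip)
  end
  default
rescue IPAddr::InvalidAddressError
  default
end

# Round-robin selection over the upstream servers listening on other ports.
# The mutex keeps the counter consistent if the server handles queries on several threads.
class RoundRobin
  def initialize(upstreams)
    @upstreams = upstreams.dup.freeze
    @index = 0
    @lock = Mutex.new
  end

  def next
    @lock.synchronize do
      upstream = @upstreams[@index]
      @index = (@index + 1) % @upstreams.size
      upstream
    end
  end
end

# Decision per query: [:passthrough, upstream] for allowed clients, [:respond, ip] for blocked ones.
# In an async-dns server this is what the process(name, resource_class, transaction) hook
# would act on, forwarding with transaction.passthrough!(resolver_for(upstream)) or answering
# with transaction.respond!(ip) (assumed integration; the client IP comes from the front
# server's own socket, as discussed in issue #10).
def decide(client_ip, round_robin)
  action = policy_for(client_ip)
  action == :allow ? [:passthrough, round_robin.next] : [:respond, action]
end

if __FILE__ == $PROGRAM_NAME
  rr = RoundRobin.new(["127.0.0.1:5301", "127.0.0.1:5302"])  # constructed upstream list
  ["10.1.2.3", "10.0.5.7", "192.168.1.42", "192.168.2.1", "203.0.113.9", "10.1.2.3"].each do |ip|
    puts "#{ip} -> #{decide(ip, rr).inspect}"
  end
end
```

Because the rules are evaluated before any packet leaves the front server, the upstreams can be plain resolvers that only ever see `127.0.0.1` as the source, which is exactly the behaviour the question observed; the source address is consumed where it is still available rather than being carried across the hop.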

kuronae12 commented 5 years ago

I found a similar issue, #10, but I guess they wanted to do it differently, because they were only looking for the source IP address. What I'm trying to build is something like a dnsdist for my AsyncDNS servers, and do some processing before forwarding the requests.

ioquatix commented 5 years ago

This code base provides all the tools for implementing whatever DNS server you want, but you might need to get your hands dirty to implement it. I suggest you try to implement it and show me the code and explain what parts aren't working how you want.

kuronae12 commented 5 years ago

Yeah, I modified the code to pass the request IP to the next DNS server, but I guess this is not an AsyncDNS problem. I was getting the `Errno::EADDRNOTAVAIL`, then I did some OS modifications to enable binding to non-local IPs, but I was ultimately still getting an `Errno::EINVAL` at the `connect_nonblock` method in the underlying Socket lib.

But after several hours of playing with the code and studying I realized this is more of a routing problem. I guess I need to find another solution, thanks and sorry for the inconvenience.