zoonderkins / blahdns

A small hobby ads block dns project with doh, dot, dnscrypt support.
https://blahdns.com
GNU Affero General Public License v3.0

[DNSCrypt] Finland server issues? ('sdns' stamps don't match). #109

Closed ghost closed 4 years ago

ghost commented 4 years ago

Hello.

First off, I would like to send You a big "Thanks" for such an amazing Project. (I hope that you're fine and everything is okay).

Now, let's move to the BlahDNS Finland server issues. About two or three days ago, I noticed that something is wrong. I checked various configurations using 'dnscrypt-fi-blahdns-ipv4'. I tried to use the 'server_names' option, the '[static]' block etc. in the DNSCrypt-proxy configuration file. During one such test, the 'dnscrypt-proxy' status showed this entry:

✖ [WARNING] Incorrect signature

Additionally, the 'sdns' stamps seem to be different: on the official website (vide blahdns.com), the 'sdns' stamp for Finland differs from the one found in - for example - the 'public-resolvers.md' file (maintained by Mr Frank Denis). I tried both 'sdns' stamps - but no luck. (As for the German and Japan servers, everything is okay - the 'sdns' stamps are the same in both places. However, the stamp for the Finland server does not match).

One more thing - when configuring DNSCrypt to use the BlahDNS Finland server (via 'dnscrypt-fi-blahdns-ipv4') and performing various tests, such as DNS Leak, Germany was shown as the 'Country' (shouldn't it be Finland?). It looks like the Finland server is being - I don't know, maybe redirected? - to use the Germany server.

(Also, I decided to test the Japan server (via 'dnscrypt-jp-blahdns-ipv4') and the 'sdns' stamp is correct on both: the official BlahDNS website and the 'public-resolvers.md' file. Additionally, the DNS Leak test shows Japan as the 'Country'. [1])

So, let's summarize:

✗ 'dnscrypt-fi-blahdns-ipv4' seems to be "redirected"(?) to 'dnscrypt-de-blahdns-ipv4' (vide DNS Leak test: using only the Finland server, the DNS Leak test shows Germany as the 'Country')
✗ Finland 'sdns' stamp: the official BlahDNS website contains a stamp that differs from the one found in the 'public-resolvers.md' file.

Sorry for such a long message. ookangzheng, can You take a look at this? Is there a chance to fix these issues, so that the Finland server (via 'dnscrypt-fi-blahdns-ipv4') will be working again?

Thanks, best regards.


[1] ISP was 'woody***' - I don't remember exactly, but it's related to the Quad9 and owner name. According to blahdns.com, incoming DNS requests are forwarded to Cloudflare (since 2020.06.03). So, maybe there should be an official information? (It seems, that Cloudflare is used for '{de,fi}-blahdns-ipv4').

zoonderkins commented 4 years ago

So far I tested the DNSCrypt Finland server with IPv4 and IPv6, and all work as expected though. Make sure your [static.blahdns-fi-dnscrypt-v4] or IPv6 entry is set up correctly.

[static.'blahdns-fi-dnscrypt-v4']
stamp = 'sdns://AQMAAAAAAAAAEzk1LjIxNi4yMTIuMTc3Ojg0NDMgU4ToFEMUKT5W3RsUCh7xcq1HvboXmciVcpSVPQNOtccbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t'
[static.'blahdns-fi-dnscrypt-v6']
stamp = 'sdns://AQMAAAAAAAAAHFsyYTAxOjRmOTpjMDEwOjQzY2U6OjFdOjg0NDMgU4ToFEMUKT5W3RsUCh7xcq1HvboXmciVcpSVPQNOtccbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t'

As you may have noticed, I temporarily let the Germany and Finland servers forward to either Quad9 or Cloudflare due to high CPU usage. (I did announce it on blahdns.com)

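When two 'sdns' stamps for the same server disagree, as discussed in this thread, decoding them shows which field actually differs: the address, the provider public key (used to verify the resolver's certificate signature), or the provider name. The following is an added example, not code from the BlahDNS or dnscrypt-proxy projects; it parses DNSCrypt (protocol 0x01) stamps only, and the function names are chosen here for illustration.

```python
import base64
import struct

# The two stamps posted in the comment above.
STAMP_V4 = "sdns://AQMAAAAAAAAAEzk1LjIxNi4yMTIuMTc3Ojg0NDMgU4ToFEMUKT5W3RsUCh7xcq1HvboXmciVcpSVPQNOtccbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t"
STAMP_V6 = "sdns://AQMAAAAAAAAAHFsyYTAxOjRmOTpjMDEwOjQzY2U6OjFdOjg0NDMgU4ToFEMUKT5W3RsUCh7xcq1HvboXmciVcpSVPQNOtccbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t"


def _lp(buf, pos):
    """Read one length-prefixed field (1-byte length, then data)."""
    if pos >= len(buf):
        raise ValueError("truncated stamp")
    end = pos + 1 + buf[pos]
    if end > len(buf):
        raise ValueError("field runs past end of stamp")
    return buf[pos + 1:end], end


def parse_dnscrypt_stamp(stamp):
    """Decode sdns://base64url(0x01 | props | LP(addr) | LP(pk) | LP(name))."""
    if not stamp.startswith("sdns://"):
        raise ValueError("missing sdns:// prefix")
    b64 = stamp[len("sdns://"):]
    raw = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
    if len(raw) < 9 or raw[0] != 0x01:
        raise ValueError("not a DNSCrypt (0x01) stamp")
    props = struct.unpack_from("<Q", raw, 1)[0]  # 64-bit little-endian flags
    addr, pos = _lp(raw, 9)
    pk, pos = _lp(raw, pos)
    name, pos = _lp(raw, pos)
    if len(pk) != 32 or pos != len(raw):
        raise ValueError("bad public key length or trailing bytes")
    return {
        "dnssec": bool(props & 1), "nolog": bool(props & 2),
        "nofilter": bool(props & 4), "addr": addr.decode("ascii"),
        "pk": pk.hex(), "provider": name.decode("ascii"),
    }


def diff_stamps(a, b):
    """Return the names of the fields on which two stamps disagree."""
    pa, pb = parse_dnscrypt_stamp(a), parse_dnscrypt_stamp(b)
    return sorted(k for k in pa if pa[k] != pb[k])


if __name__ == "__main__":
    print(parse_dnscrypt_stamp(STAMP_V4))
    print("fields that differ (v4 vs v6):", diff_stamps(STAMP_V4, STAMP_V6))
```

Running `diff_stamps` on the website stamp and the 'public-resolvers.md' stamp for the same server name tells you whether a mismatch is only an address change or a different provider key.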

ghost commented 4 years ago

Hello.

Thank You for the answer. Unfortunately, the DNS Leak test still shows IP address and Germany (as 'Country'). I tried 'blahdns-fi-dnscrypt-ipv4' (found in the 'public-resolvers.md' file) and 'blahdns-fi-dnscrypt-v4' with the 'sdns' stamp (posted by You).

Using German (via 'dnscrypt-de-blahdns-ipv4') and/or Japan (via 'dnscrypt-jp-blahdns-ipv4') server, works - no leaks [1]. Also, everything seems to be okay with other Providers. Choosing, for example, France Provider shows France as a 'Country' etc. (vide DNS Leak test and so on). I have no idea why BlahDNS Finland server is pointing to Germany.

By the way: maybe someone else could test Finland server and do DNS Leak test? Thanks.

Yes, I know Cloudflare is used (since 2020.06.03) but Quad9 is not mentioned on blahdns.com website. That's all. Anyway, it's just a small detail ;- )

Best regards.


[1] However, hostname - for German server - shows 'None' - is that right? (I don't remember hostname for Japan, sorry).

zoonderkins commented 4 years ago

Cuz Cloudflare, they don't have a Finland server I guess. Cloudflare IP: 162.158.95.150 (Germany 😅)

Finland server: 95.216.212.177, https://browserleaks.com/ip/95.216.212.177

Ping from Finland to other servers: [image]

Mtr from Finland server to Cloudflare 1.1.1.2: [image]

ghost commented 4 years ago

Hello.

So, that seems to be the answer to why the BlahDNS Finland servers (DNSCrypt and DoH) are shown/leaked as a German server etc. There's nothing that could be done with this, right?

Thanks for updating blahdns.com website ;- )

Best regards.

zoonderkins commented 4 years ago

Ya, don't worry though. It is not leaking your IP to the ISP. Just noticed that when the Finland server IP connects to the Cloudflare IP, it gets routed to Germany to do DNS resolution (destination).

ghost commented 4 years ago

Hi, thanks for the information. Anyway, I noticed something... strange. That's what happened with 'doh-fi-blahdns' being used:

[NOTICE] [doh-fi-blahdns] OK (DNSCrypt)

Shouldn't it be '(DoH)' there? I think that before - I mean before Cloudflare and so on - there weren't such problems etc. But that's only my personal opinion.

Thank You very much for everything! ;- )

zoonderkins commented 4 years ago

You have to specify 2 servers:

server_names = ['blahdns-fi-dnscrypt-v4', 'blahdns-fi-doh']

Both are on the same server and will use Cloudflare as upstream for DNS resolution.

ghost commented 4 years ago

Hello, okay, I will check this one. By the way - can You write why your server names are different from those found in the 'public-resolvers.md' file? Does it matter or is it just a name?

I'm asking because servers don't have to be defined in the '[static]' section with 'sdns', right? This is optional. Users can use - mentioned by You - the 'server_names' option. However, your server names are different etc.

Best regards!

zoonderkins commented 4 years ago

Ah, my fault 😅 ... the server name on public_resolver is indeed named dnscrypt-fi-blahdns-ipv4, instead of blahdns-fi-dnscrypt-v4: https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/public-resolvers.md#dnscrypt-fi-blahdns-ipv4

Will close this issue; if further discussion is needed, pls consider opening a new issue.