Suggestion: RouteDNS should allow the option "local-address" to be specified 2 times, one for IPv4 and the other for IPv6 #357

Open
przemyslaw0 opened this issue Nov 13, 2023 · 6 comments

@przemyslaw0

Hi.

I tried to specify two times the option "local-address", one for IPv4 and the other for IPv6, but it's not allowed to use it this way:

# routedns ../Temp/cfg
Error: toml: line 7 (last key "resolvers.cloudflare.local-address"): Key 'resolvers.cloudflare.local-address' has already been defined.

Specifying two IP types would be safer because it can avoid privacy leaks to other interfaces if the query (IPv4 or IPv6) is sent to a different address other than the one specified with "local-address".

@folbricht
Owner

This is somewhat related to #355. I think that solution would work here too. You could define 2 listeners (with different names), and set one to IPv4 and the other to IPv6.

@przemyslaw0
Author

Are you sure your idea would work? Sorry, I didn't understand very well.

If an IPv4 listener receives an AAAA query, how can it guess which forwarder with "local-address" with an IPv6 addr the query should go through?

@folbricht
Owner

If I understood it correctly, you wanted to control which protocol a listener would listen on, IPv4 or IPv6. I think that could look like below (once #355 is merged). 2 different listeners, one listening on a local IPv4 address, and another on an IPv6 address, both forwarding queries to the same place.

[listeners.local-tcp4]
address = "127.0.0.1:1153"
ip-version = 4
protocol = "tcp"
resolver = "cloudflare-dot"

[listeners.local-tcp6]
address = "[::]:1153"
ip-version = 6
protocol = "tcp"
resolver = "cloudflare-dot"

@przemyslaw0
Author

@folbricht

I didn't mean what you're suggesting.

I mean the outgoing IP version, IPv4 or IPv6. For example, if the "local-address" option is set to an IPv4 address of a network interface and there is a hostname in the resolver, routedns could resolve the hostname to IPv6 and send over the wrong IP, not the outgoing IPv4 specified with "local-address".

@cbuijs
Contributor

cbuijs commented Nov 16, 2023

It is for a resolver, right?

Create two unique hostnames? One for IPv4 and one for IPv6? And use the one you want to use in local-address?

@przemyslaw0
Author

@cbuijs

Yes, it is for resolvers.

The problem is that not all doh/doq/dot servers allow specifying the IP directly, as their IP addresses are not tied to the hostname certificate. In this case routedns can use both IPv4 or IPv4 address and only one IP could be covered by the option local-address; the other could be sent over the wrong IP address of another interface.

I don't think creating two unique hostnames is a good idea, as the IP address of a doh/doq/dot resolver could change at any time.
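
The behaviour requested in this thread, sketched as an added example (not part of the thread and not RouteDNS code): a dialer that pins the source address per IP family and refuses to connect when the resolved upstream address has no matching local address. The function names, the error value and the documentation-range addresses are all hypothetical or constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// ErrNoLocalForFamily means no configured local address matches the upstream's family.
var ErrNoLocalForFamily = errors.New("no local address for this IP family")

// pickLocal returns the configured local address of the same family as remote.
// To4() is nil only for genuine IPv6 addresses, so it separates the families.
func pickLocal(remote net.IP, locals []net.IP) (net.IP, error) {
	for _, l := range locals {
		if (l.To4() != nil) == (remote.To4() != nil) {
			return l, nil
		}
	}
	return nil, ErrNoLocalForFamily
}

// usableUpstreams drops resolved upstream IPs that no local address covers.
func usableUpstreams(resolved, locals []net.IP) []net.IP {
	var out []net.IP
	for _, r := range resolved {
		if _, err := pickLocal(r, locals); err == nil {
			out = append(out, r)
		}
	}
	return out
}

// dialerFor builds a TCP dialer whose source address is pinned per family.
// It fails closed: no matching local address means no dialer at all.
func dialerFor(remote net.IP, locals []net.IP) (*net.Dialer, error) {
	local, err := pickLocal(remote, locals)
	if err != nil {
		return nil, err
	}
	return &net.Dialer{LocalAddr: &net.TCPAddr{IP: local}}, nil
}

func main() {
	locals := []net.IP{net.ParseIP("192.0.2.10")} // constructed: IPv4 only
	resolved := []net.IP{net.ParseIP("203.0.113.1"), net.ParseIP("2001:db8::1")}
	fmt.Println(usableUpstreams(resolved, locals))
	_, err := dialerFor(resolved[1], locals)
	fmt.Println(err)
}
```

With only an IPv4 local address configured, the IPv6 upstream is filtered out and a direct attempt to dial it returns an error instead of leaving through another interface.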
