Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

question: how to use random resolving? #66

Closed
monperrus opened this issue Feb 4, 2020 · 4 comments · Fixed by #67
Closed

question: how to use random resolving? #66

monperrus opened this issue Feb 4, 2020 · 4 comments · Fixed by #67

Comments

@monperrus
Copy link
Contributor

Hi!

the code suggests that one can randomize the upstream servers:

Random   = "random"
NginxWRR = "weighted_round_robin"
LVSWRR   = "lvs_weighted_round_robin"

How to configure dns-over-https to use it?

@monperrus monperrus changed the title question: how to use random question: how to use random resolving? Feb 4, 2020
@m13253
Copy link
Owner

m13253 commented Feb 4, 2020

In the doh-client.conf, find the following lines:

# available selector: random or weighted_round_robin or lvs_weighted_round_robin
upstream_selector = "random"

The default is already "random".

When you have more than one upstream servers, a random upstream server will be chosen for each request.

monperrus added a commit to monperrus/dns-over-https that referenced this issue Feb 4, 2020
@monperrus
Copy link
Contributor Author

monperrus commented Feb 4, 2020 via email

@m13253 m13253 closed this as completed in #67 Feb 4, 2020
@monperrus
Copy link
Contributor Author

One problem with pure randomization is that "over time (days, weeks) any resolver you use (either in round robin or with a random distribution) will likely acquire enough information about an end user to profile", which is a problem for privacy (source)

One solution for that is a pseudo-random choice: "the choice of the server is consistent: if the same domain is resolved twice, the same DoH server for both queries is used". This is implemented for instance in nss-tls.

What about supporting upstream_selector = "pseudo-random"?

@m13253
Copy link
Owner

m13253 commented Feb 4, 2020

It's a good idea. And I suggest we name the selector "hostname_hash" or "hash" to match the naming of other load balancers.

I currently do not have time to implement new feature. So please help me if you are willing to. Pull requests are welcome. <3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants