SmartDns & records AAAA???

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
ssergey
DD-WRT Novice


Joined: 17 Jan 2014
Posts: 39
PostPosted: Fri Oct 11, 2024 18:30    Post subject: SmartDns & records AAAA??? Reply with quote
Good day to all!
Trying to configure this beast in dualstack. It does not respond to AAAA record requests. Tried a lot of things I found on the topic, but nothing helps.
I need to confirm or deny the assumption about smartdns bug in dualstack

Code:
dig ANY @195.0.1.254 ya.ru
;; communications error to 195.0.1.254#53: end of file
;; communications error to 195.0.1.254#53: end of file
;; communications error to 195.0.1.254#53: end of file
;; no servers could be reached

❯ dig  @195.0.1.254 ya.ru
ya.ru.          347 IN A 77.88.44.242
ya.ru.          347 IN A 77.88.55.242
ya.ru.          347 IN A 5.255.255.242
❯ dig  @195.0.1.254 ya.ru ANY
;; communications error to 195.0.1.254#53: end of file
;; communications error to 195.0.1.254#53: end of file
;; communications error to 195.0.1.254#53: end of file
;; no servers could be reached

❯ dig  @195.0.1.254 -p 6053 ya.ru ANY
;; Connection to 195.0.1.254#6053(195.0.1.254) for ya.ru failed: connection refused.
;; no servers could be reached

;; Connection to 195.0.1.254#6053(195.0.1.254) for ya.ru failed: connection refused.
;; no servers could be reached

;; Connection to 195.0.1.254#6053(195.0.1.254) for ya.ru failed: connection refused.
;; no servers could be reached

❯ dig  @195.0.1.254 -p 6053 ya.ru
ya.ru.          303 IN A 77.88.44.242
ya.ru.          303 IN A 77.88.55.242
ya.ru.          303 IN A 5.255.255.242

with configuration
Code:
cat /tmp/smartdns.conf
server-name gate
bind [::]:6053
dualstack-ip-selection yes
prefetch-domain yes
log-size 32K
log-num 1
log-level warn
log-file /tmp/smartdns.log
ca-file /etc/ssl/ca-bundle.crt
ca-path /etc/ssl
dualstack-ip-selection-threshold 10
dualstack-ip-allow-force-AAAA yes
force-AAAA-SOA no
server-tls [2620:fe::9]:853 -host-name dns.quad9.net -tls-host-verify dns.quad9.net
server-tls 9.9.9.9:853 -host-name dns.quad9.net -tls-host-verify dns.quad9.net

P.S. I quite admit that my own mistake was not noticed, but walking on the same rake is already steamed.
Thank you for your attention and attempt to help.
Back to top View user's profile Send private message
Sponsor
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 15535
Location: Texas, USA
PostPosted: Fri Oct 11, 2024 19:07    Post subject: Reply with quote
It would help to know which build of DD-WRT you are running (and router model, but that is negligible).

When you say "dualstack", you obviously mean IPv4 and IPv6, correct?

https://github.com/pymumu/smartdns/issues/332

https://github.com/pymumu/smartdns/issues/933

https://duckduckgo.com/?q=SmartDns+dualstack&ia=web
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Back to top View user's profile Send private message Visit poster's website
ssergey
DD-WRT Novice


Joined: 17 Jan 2014
Posts: 39
PostPosted: Fri Oct 11, 2024 19:16    Post subject: Reply with quote
kernel-panic69 wrote:
It would help to know which build of DD-WRT you are running (and router model, but that is negligible).

When you say "dualstack", you obviously mean IPv4 and IPv6, correct?
...

DD-WRT v3.0-r58531 std (10/09/24) Netgear WNDR3800
Yes, IPv4 and IPv6 are correct. IPv6 Tunnel Broker Hurricane Electric
Back to top View user's profile Send private message
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 15535
Location: Texas, USA
PostPosted: Sun Dec 08, 2024 20:07    Post subject: Reply with quote
From cross-post in the Russian forum:
ssergey wrote:
I figured out what the problem was. I spent a long time fiddling with different options and managed to make this farm work as I needed. The main problem was that I needed to disable AAAA records for a certain list of domains, but leave the work on the IPv6 protocol for the rest. I achieved this with a combination of smartdns + dnsmasq. smartdns pulls records of all types, and smartdns filters AAAA for the necessary domains
Code:
server-name gate
bind [::]:6053
dualstack-ip-selection yes
prefetch-domain yes
serve-expired yes
log-size 32K
log-num 1
log-level warn
log-file /tmp/smartdns.log
ca-file /etc/ssl/ca-bundle.crt
ca-path /etc/ssl
dualstack-ip-allow-force-AAAA yes
dualstack-ip-selection-threshold 500
server-https https://dns.quad9.net:443/dns-query -host-name dns.quad9.net -tls-host-verify dns.quad9.net -host-ip 2620:fe::fe
server-https https://dns.quad9.net:443/dns-query -host-name dns.quad9.net -tls-host-verify dns.quad9.net -host-ip 9.9.9.9


For the required domains, we ignore AAAA records
Code:
address=/google.com/::
address=/google.ru/::

Everything that can works on IPv6. Google has gotten on my nerves with downloads and therefore works on IPv4. The problem is solved. I am happy

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Back to top View user's profile Send private message Visit poster's website
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum