Allow custom entries
Closed this issue · 5 comments
First of all, thank you much for your hard work and for freely providing a very nice little utility.
Please consider allowing the addition of custom DNS resolvers, or at least allow adding endpoint IDs to the URL.
Your list includes NextDNS.io, which is the one I want to use, but your luci-app-https-dns-proxy does not provide a way for adding a personal endpoint ID, which is what makes NextDNS so valuable and powerful. Without our personal ID the resolver simply runs with basic filters, and we don't benefit from all the custom filters they provide.
A customized NextDNS URL looks like this: https://dns.nextdns.io/87gh64r
I figured perhaps I could edit the config that contains your list of resolvers, but I stroke out. I searched all over the file structure in my router, and searched your web sources for over an hour, looking for any reference to the location of your config files, and I couldn't find a single reference. Perhaps I overlooked them.
Second related issue...
I was able to add the URL with my my personal endpoint ID via the CLI, based on what I found here: https://openwrt.org/docs/guide-user/services/dns/doh_dnsmasq_https-dns-proxy and here: https://docs.openwrt.melmac.net/https-dns-proxy
It works as expected, and the Service Status in your luci-app-https-dns-proxy indicates the selected resolver is NextDNS.io DoH at 127.0.0.1:5053, but unfortunately the drop-down menu can't find an exact match, so it just defaults to the first entry and shows "Quad 101 (Taiwan)". If I make any changes or add/remove a resolver, my custom entry gets overwritten with Quad 101.
I hope that makes sense. Thanks in advance for your time and effort.
@CodeSapiens I stumbled across NextDNS today and was trying to set it up myself. I don't see why you can't feed that URL in as your resolver_url (-r per the docs). I was able to get NextDNS to accept that I was correctly using their service over DoH, but I was getting a lot of failed queries. So there definitely was something missing on the https_dns_proxy side of things. I've attached my logs if any of the devs are following this issue. @aarond10 or @baranyaib90 do you have any thoughts here?
Hi,
I have checked the logs and found nothing special.
No connection/HTTP/other errors at all :S
Could you please do the following:
- Try to tcpdump the DNS traffic to the HTTPS proxy. It may happen, that NextDNS replies with DNS resolve failures. (That wouldn't be the fault of the HTTPS proxy.)
- Try to pinpoint, which hostnames fail to resolve and if the resolve failures are constant or random.
- Update the code to latest master, since there were added HTTP request faulire debugging improvements.
@baranyaib90 thanks for having a look. After some more digging and tweaking, it turned out it was an issue with my DNSSEC config in dnsmasq (which sits between my network and https_dns_proxy).
So in my view, NextDNS works just fine with the custom endpoints over DoH. You just need to provide your custom URL as resolver_url, and the IP addresses that are mentioned in the "Setup Guide" (i.e. not the "Linked IP" addresses).
tldr I think this issue can be closed. @CodeSapiens seems to be referring to the OpenWRT package, which seems to only make certain resolvers available. It'd be on whoever maintains that package to make it more configurable, right?
@CodeSapiens seems to be referring to the OpenWRT package, which seems to only make certain resolvers available.
It's not the case, OpenWrt package can be configured for anything.