From ad40c6c54bfbc427c1e1b4e8c48bf2c5fcbf4593 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sun, 17 Nov 2019 22:00:08 +0100 Subject: [PATCH] Fallback to the system resolver if the fallback resolver doesn't work This is useful if fallback_resolver has been set to random junk, or to an external resolver, but port 53 is blocked. At least, it may allow the server to start. --- dnscrypt-proxy/example-dnscrypt-proxy.toml | 3 +-- dnscrypt-proxy/xtransport.go | 5 +++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml index 8d2b836d..736ec29b 100644 --- a/dnscrypt-proxy/example-dnscrypt-proxy.toml +++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml @@ -198,8 +198,7 @@ cert_refresh_delay = 240 fallback_resolver = '9.9.9.9:53' -## Never let dnscrypt-proxy try to use the system DNS settings; -## unconditionally use the fallback resolver. +## Always use the fallback resolver before the system DNS settings ignore_system_dns = true diff --git a/dnscrypt-proxy/xtransport.go b/dnscrypt-proxy/xtransport.go index 1a3e255a..8b99f251 100644 --- a/dnscrypt-proxy/xtransport.go +++ b/dnscrypt-proxy/xtransport.go @@ -279,6 +279,10 @@ func (xTransport *XTransport) resolveWithCache(host string) (err error) { } } } + if err != nil && xTransport.ignoreSystemDNS { + dlog.Noticef("Fallback resolver [%v] didn't respond - Trying with the system resolver as a last resort", xTransport.fallbackResolver) + foundIP, ttl, err = xTransport.resolveUsingSystem(host) + } if ttl < MinResolverIPTTL { ttl = MinResolverIPTTL } @@ -323,6 +327,7 @@ func (xTransport *XTransport) Fetch(method string, url *url.URL, accept string, return nil, 0, errors.New("Onion service is not reachable without Tor") } if err := xTransport.resolveWithCache(host); err != nil { + dlog.Errorf("Unable to resolve [%v] - Make sure that the system resolver works, or that `fallback_resolver` has been set to a resolver that can be reached", host) return nil, 0, err } req := &http.Request{