-
Output of the following commands:./dnscrypt-proxy -version ./dnscrypt-proxy -check [2021-06-11 07:44:10] [NOTICE] dnscrypt-proxy 2.0.45
[2021-06-11 07:44:10] [NOTICE] Source [public-resolvers] loaded
[2021-06-11 07:44:10] [NOTICE] Source [relays] loaded
[2021-06-11 07:44:11] [NOTICE] Configuration successfully checked ./dnscrypt-proxy -resolve example.com Resolving [example.com] using 127.0.0.1 port 54
Resolver : 74.63.20.246 (res101.qpg.rrdns.pch.net.)
Lying : no
DNSSEC : yes, the resolver supports DNSSEC
Canonical name: example.com.
IPv4 addresses: 93.184.216.34
IPv6 addresses: 2606:2800:220:1:248:1893:25c8:1946
Name servers : b.iana-servers.net., a.iana-servers.net.
DNSSEC signed : yes
Mail servers : 1 mail servers found
HTTPS alias : -
HTTPS info : -
Host info : -
TXT records : v=spf1 -all, 8j5nfqld20zpcyr8xjw0ydcfq9rk8hgm What is affected by this bug?
When does this occur?Everytime! Flushed DNS, still occurs. Where does it happen?How do we replicate the issue?Expected behavior (i.e. solution)No cloudflare DNS;-; Other Comments |
Beta Was this translation helpful? Give feedback.
Replies: 6 comments 3 replies
-
pch.net is Quad9, not Cloudflare. |
Beta Was this translation helpful? Give feedback.
-
@jedisct1, example2.com resolved via cloudflare's DNS, correct? Resolving [example2.com] using 127.0.0.1 port 54
Resolver : 162.158.234.59
Lying : no
DNSSEC : yes, the resolver supports DNSSEC
Canonical name: example2.com.
IPv4 addresses: 173.231.210.103
IPv6 addresses: -
Name servers : ns1.inmotionhosting.com., ns2.inmotionhosting.com.
DNSSEC signed : no
Mail servers : 1 mail servers found
HTTPS alias : -
HTTPS info : -
Host info : -
TXT records : - Also, I tried example.com again Resolving [example.com] using 127.0.0.1 port 54
Resolver : 162.158.234.59
Lying : no
DNSSEC : yes, the resolver supports DNSSEC
Canonical name: example.com.
IPv4 addresses: 93.184.216.34
IPv6 addresses: 2606:2800:220:1:248:1893:25c8:1946
Name servers : b.iana-servers.net., a.iana-servers.net.
DNSSEC signed : yes
Mail servers : 1 mail servers found
HTTPS alias : -
HTTPS info : -
Host info : -
TXT records : v=spf1 -all, 8j5nfqld20zpcyr8xjw0ydcfq9rk8hgm |
Beta Was this translation helpful? Give feedback.
-
If you stop the proxy, what does dnsleaktest show? |
Beta Was this translation helpful? Give feedback.
-
I added Quad9 resolvers to [sources] of the configuration file, and I guess that did the job! I now have only Quad9 DNS's in dnsleaktest. This is my current configuration file dnscrypt-proxy.toml. This works! P.s. found out Pi-hole is better with using Unbound as a recursive DNS. Although that, but great work team dnscrypt-proxy! :) |
Beta Was this translation helpful? Give feedback.
-
I think the strange part is the resolver IP. I did tests on Windows with:
Similar results. For example:
In the server window, dnscrypt-proxy/dnscrypt-proxy/resolve.go Lines 85 to 104 in a34258c |
Beta Was this translation helpful? Give feedback.
I added Quad9 resolvers to [sources] of the configuration file, and I guess that did the job! I now have only Quad9 DNS's in dnsleaktest.
This is my current configuration file dnscrypt-proxy.toml. This works!
P.s. found out Pi-hole is better with using Unbound as a recursive DNS. Although that, but great work team dnscrypt-proxy! :)