-
Notifications
You must be signed in to change notification settings - Fork 4.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feat: [app/dns] Support per-client configuration #1977
Feat: [app/dns] Support per-client configuration #1977
Conversation
8329c15
to
e393017
Compare
e393017
to
1655224
Compare
Codecov ReportBase: 38.88% // Head: 38.81% // Decreases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## master #1977 +/- ##
==========================================
- Coverage 38.88% 38.81% -0.07%
==========================================
Files 616 608 -8
Lines 36336 36502 +166
==========================================
+ Hits 14128 14170 +42
- Misses 20630 20763 +133
+ Partials 1578 1569 -9
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
// DisableCache disables DNS cache | ||
bool disableCache = 8; | ||
// Deprecated. Use cache_strategy. | ||
bool disableCache = 8 [deprecated = true]; | ||
|
||
// Deprecated. Use fallback_strategy. | ||
bool disableFallback = 10 [deprecated = true]; | ||
|
||
// Deprecated. Use fallback_strategy. | ||
bool disableFallbackIfMatch = 11 [deprecated = true]; | ||
|
||
// Default query strategy (IPv4, IPv6, or both) for each name server. | ||
QueryStrategy query_strategy = 9; | ||
|
||
bool disableFallback = 10; | ||
// Default cache strategy for each name server. | ||
CacheStrategy cache_strategy = 12; | ||
|
||
bool disableFallbackIfMatch = 11; | ||
// Default fallback strategy for each name server. | ||
FallbackStrategy fallback_strategy = 13; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems for now SimplifiedConfig
and SimplifiedNameServer
is not used in infra/conf yet, should these fields marked deprecated or directly changed to reserved
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think marking deprecated is better.
Future worksRouting StrategyThis strategy aims to unify the three scenarios in routing dns inbound requests:
FakeDNSWork on FakeDNS aims to remove Currently I may propose two ways and would like to know any of them would be a good idea: Configure
|
This is a very constructive PR and we should review the code and merge it as soon as possible. |
I reviewed it again. |
…disableFallback`, `disableFallbackIfMatch`
This PR defines a new way to interpret DNS module and all its name servers:
Each nameserver (the client) could configure their options (e.g. tag, clientIP, queryStrategy) independently, while options specified in the DNS module are used as global default.
That is, a client for now could configure following options individually:
Inbound Tag
A special nameserver could name its inbound with a unique tag, thus made possible for domain-based DNS routing.
E.g. a server resolving
geosite:bilibili
gets namedbilibili
, and in routing it could be routed either directly or via HK proxy, to switch between different regions.Client IP
Nameservers of same address could use different
clientIP
for different domains.Fallback Strategy
A special nameserver serving
geosite:bilibili
may not expect to be used by other domains. Thus could be disabled from fallback individually.On the other hand, when a domain matching
geosite:bilibili
, we also do not want the fallback servers to resolve it anymore, such could be set todisabledIfAnyMatch
.Cache Strategy
Each nameserver could disable cache individually.
Query Strategy
We could force certain domains to use only IPv4 or IPv6 address, if either route is preferred or with better quality.
A use case in transparent proxy:
In transparent proxy, we could specify all IPv6 packets go direct, but route all global IPv4 addresses to proxy (since when proxied, it normally doesn't matter whether dest is v4 or v6). Then, with
queryStrategy
, we could enforce all 1) global geosite domains, and 2) domains hit fallback server expecting non-CN IP to return only IPv4 IP, therefore gets routed to v2ray naturally.This sorts of works like fakedns, but all resolved IPs are real, and v2ray does not take control of all traffic, only expected ones.
In this PR, following options are deprecated (but keep compatible with new options):
disableFallback
,disableFallbackIfMatch
,skipFallback
: usefallbackStrategy
.disableCache
: usecacheStrategy
.This PR also refactors the DNS module code, majorly to improve the readability and renders it more maintainable.
This PR does not introduce any change to existing features API. They'll be discussed and separated to future PRs.