blocky: Very slow queries without the parameter bootstrapDns

Without the bootstrapDns parameter in the config DoH queries take a very long time (>2000ms).

And additionally I saw a lot of i/o timouts when making a lot of requests to blocky without a bootstrap DNS.

Configuration:

upstream:
  default:
    - https://dns.quad9.net/dns-query

queryLog:
  type: console

#bootstrapDns: tcp+udp:1.1.1.1
port: 53

As soon as the bootstrap DNS is enabled the the durations of the queries are at a normal level again and the i/o timeouts are gone.

About this issue

Original URL
State: closed
Created 2 years ago
Comments: 23 (8 by maintainers)

Commits related to this issue

fix: format ipv6 URL for DoH bootstrap request according to RFC3513 (#701) — committed to 0xERR0R/blocky by 0xERR0R 2 years ago
fix: format ipv6 URL for DoH bootstrap request according to RFC3513 (#701) — committed to 0xERR0R/blocky by 0xERR0R 2 years ago

Most upvoted comments

Tried the latest development branch without connectIPVersion, with connectIPVersion: v4 and with connectIPVersion: v6 on two different machines and now the durations of the queries where normal. So I would say that the problem is fixed.

And are there maybe any plans when the next release will be?

ioqy on Nov 4, 2022

I think the error “[2022-11-02 22:09:10] DEBUG upstream_resolver: can’t resolve request via upstream server https://2620:fe::fe:443/dns-query: can’t perform https request: Post “https://2620:fe::fe:443/dns-query”: context deadline exceeded (Client.Timeout exceeded while awaiting headers), retrying… attempt=1/3 question=A (github.com.) upstream=https://dns.quad9.net/dns-query upstream_ip=2620:fe::fe” is not a timeout, the problem here is the wrong formatted URL “https://2620:fe::fe:443/dns-query”. Regarding to https://www.ietf.org/rfc/rfc3986.txt (Section 3.2.2):

A host identified by an Internet Protocol literal address, version 6 [RFC3513] or later, is distinguished by enclosing the IP literal within square brackets (“[” and “]”). This is the only place where square bracket characters are allowed in the URI syntax. In anticipation of future, as-yet-undefined IP literal address formats, an implementation may use an optional version flag to indicate such a format explicitly rather than rely on heuristic determination.

So it should be “https://[2620:fe::fe]:443/dns-query”. If I change the implementation, it works just fine

0xERR0R on Nov 3, 2022

You should always define a bootstrap server if no IP based upstream server is defined.

Otherwise the initial lookup is done through the system resolver what could lead to a loop if it is set to blocky.

kwitsch on Oct 29, 2022