
1.3.3: on the :/# distinction in DNS server port numbers, several odd phenomena, and a strange problem found that causes chinadns.c:726 local_ns_initparse: Message too #113

Open
freeskyfly opened this issue Feb 5, 2020 · 2 comments

Comments

@freeskyfly

root@LEDE:~# /usr/bin/chinadns -p 5354 -s 119.29.29.29,223.5.5.5,127.0.0.1:5054 -c /etc/chinadns_chnroute.txt -m -v
Wed Feb 5 13:52:59 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5054
Wed Feb 5 13:52:59 2020 response www.facebook.com from 223.5.5.5:53 - 74.86.226.234, filter
Wed Feb 5 13:53:04 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5054
Wed Feb 5 13:53:04 2020 response www.facebook.com from 223.5.5.5:53 - 74.86.226.234, filter
Wed Feb 5 13:53:09 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5054
Wed Feb 5 13:53:09 2020 response www.facebook.com from 223.5.5.5:53 - 74.86.226.234, filter
^C
Locally I run https-dns-proxy on ports 5053/5054/5055.
With the address 127.0.0.1:5054, that server seems not to return any DNS answer. Querying the port directly with dig, it works fine; the output is below:
###################################
; <<>> DiG 9.14.8 <<>> www.facebook.com @127.0.0.1 -p 5054
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7419
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
; PAD (34 bytes)
;; QUESTION SECTION:
;www.facebook.com. IN A

;; ANSWER SECTION:
www.facebook.com. 2625 IN CNAME star-mini.c10r.facebook.com.
star-mini.c10r.facebook.com. 60 IN A 31.13.82.36

;; Query time: 130 msec
;; SERVER: 127.0.0.1#5054(127.0.0.1)
;; WHEN: Wed Feb 05 13:55:20 CST 2020
;; MSG SIZE rcvd: 128
#############################################

After changing the chinadns configuration to 127.0.0.1#5054, it works normally:
root@LEDE:# /usr/bin/chinadns -p 5354 -s 119.29.29.29,223.5.5.5,127.0.0.1#5054 -c /etc/chinadns_chnroute.txt -m -v
Wed Feb 5 13:51:05 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5054
Wed Feb 5 13:51:05 2020 response www.facebook.com from 223.5.5.5:53 - 67.228.221.221, filter
Wed Feb 5 13:51:05 2020 response www.facebook.com from 127.0.0.1:5054 - 31.13.82.36, pass
^C
I also found another problem. For 127.0.0.1 port 5055, which is Quad9's DNS-over-HTTPS server: when the port is marked with # it works normally, but with :5055 the error chinadns.c:726 local_ns_initparse: Message too large appears, as follows:
root@LEDE:# /usr/bin/chinadns -p 5354 -s 119.29.29.29,223.5.5.5,127.0.0.1#5055 -c /etc/chinadns_chnroute.txt -m -v
Wed Feb 5 13:51:59 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5055
Wed Feb 5 13:51:59 2020 response www.facebook.com from 223.5.5.5:53 - 31.13.74.17, filter
Wed Feb 5 13:52:00 2020 response www.facebook.com from 127.0.0.1:5055 - 157.240.13.35, pass
^C
root@LEDE:~# /usr/bin/chinadns -p 5354 -s 119.29.29.29,223.5.5.5,127.0.0.1:5055 -c /etc/chinadns_chnroute.txt -m -v
Wed Feb 5 13:52:16 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5055
Wed Feb 5 13:52:16 2020 response www.facebook.com from 223.5.5.5:53 - 74.86.226.234, filter
Wed Feb 5 13:52:17 2020 chinadns.c:726 local_ns_initparse: Message too large
Wed Feb 5 13:52:21 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5055
Wed Feb 5 13:52:21 2020 response www.facebook.com from 223.5.5.5:53 - 74.86.226.234, filter
Wed Feb 5 13:52:21 2020 chinadns.c:726 local_ns_initparse: Message too large
Wed Feb 5 13:52:26 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5055
Wed Feb 5 13:52:26 2020 response www.facebook.com from 223.5.5.5:53 - 74.86.226.234, filter
Wed Feb 5 13:52:26 2020 chinadns.c:726 local_ns_initparse: Message too large

Using two DoH ports at the same time, 127.0.0.1:5053,127.0.0.1:5054, you can see that port 5053 works but 5054 does not. Both port numbers are separated with ":".
root@LEDE:~# /usr/bin/chinadns -p 5354 -s 119.29.29.29,223.5.5.5,127.0.0.1:5053,127.0.0.1:5054 -c /etc/chinadns_chnroute.txt -m -v
Wed Feb 5 13:58:18 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5053 127.0.0.1:5054
Wed Feb 5 13:58:18 2020 response www.facebook.com from 223.5.5.5:53 - 69.171.229.11, filter
Wed Feb 5 13:58:19 2020 response www.facebook.com from 127.0.0.1:5053 - 31.13.82.36, pass

Likewise, adding the Quad9 port 5055 produces the error again: chinadns.c:726 local_ns_initparse: Message too large
root@LEDE:~# /usr/bin/chinadns -p 5354 -s 119.29.29.29,223.5.5.5,127.0.0.1:5053,127.0.0.1:5055 -c /etc/chinadns_chnroute.txt -m -v
Wed Feb 5 14:00:03 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5053 127.0.0.1:5055
Wed Feb 5 14:00:03 2020 response www.facebook.com from 127.0.0.1:5053 - 31.13.82.36, pass
Wed Feb 5 14:00:03 2020 response www.facebook.com from 223.5.5.5:53 - 69.171.245.49, filter
Wed Feb 5 14:00:04 2020 chinadns.c:726 local_ns_initparse: Message too large

So this is now somewhat strange: why does the same server's port not work when separated with ":" but work when separated with "#", given that I do not want to mark it as a trusted DNS (incidentally, if there are several "#" entries, are they treated as several trusted DNS servers?). And when several ":"+port entries are written, one or some of them do not work. Specifically for Quad9's DNS, using :5055 gives chinadns.c:726 local_ns_initparse: Message too large, but with "#" it does not and works normally.
root@LEDE:~# /usr/bin/chinadns -p 5354 -s 119.29.29.29,223.5.5.5,127.0.0.1:5053,127.0.0.1#5055 -c /etc/chinadns_chnroute.txt -m -v
Wed Feb 5 14:02:52 2020 request www.facebook.com from 119.29.29.29:53 223.5.5.5:53 127.0.0.1:5053 127.0.0.1:5055
Wed Feb 5 14:02:52 2020 response www.facebook.com from 223.5.5.5:53 - 31.13.82.23, filter
Wed Feb 5 14:02:52 2020 response www.facebook.com from 127.0.0.1:5053 - 31.13.82.36, pass
Wed Feb 5 14:02:53 2020 response www.facebook.com from 127.0.0.1:5055 - 157.240.13.35, pass

The https-dns-proxy configuration is as follows:
config main 'config'
option update_dnsmasq_config '-'

config https-dns-proxy
option bootstrap_dns '8.8.8.8,8.8.4.4'
option resolver_url 'https://dns.google/dns-query'
option listen_addr '127.0.0.1'
option listen_port '5053'
option user 'nobody'
option group 'nogroup'

config https-dns-proxy
option bootstrap_dns '1.1.1.1,1.0.0.1'
option resolver_url 'https://cloudflare-dns.com/dns-query'
option listen_addr '127.0.0.1'
option listen_port '5054'
option user 'nobody'
option group 'nogroup'

config https-dns-proxy
option bootstrap_dns '9.9.9.9,149.112.112.112'
option resolver_url 'https://dns.quad9.net/dns-query'
option listen_port '5055'

Platform: openwrt19.07.1, MT7621, newifi-D1
https-dns-proxy downloaded from the official repository
chinadns downloaded from the openwrt-dist repository (ramips)
All overseas addresses go through an IPsec VPN, which rules out GFW interference.

@freeskyfly
Author

It just occurred to me: since I go through a VPN anyway, I do not really need to pursue DoH. The main consideration is that if the VPN goes down, the DNS servers should still work normally.

@Typhonling

https://github.com/aa65535/openwrt-chinadns/wiki/Use-DNS-Forwarder
Set the ChinaDNS upstream servers to 114.114.114.114,127.0.0.1:5300. If compression pointers are not needed, 127.0.0.1:5300 can be changed to 127.0.0.1#5300.
My guess: the :/# difference is probably the compression-pointer issue described above.

Also, ChinaDNS seems to treat every DNS upstream on a non-standard port as a trusted server, without considering self-hosted upstreams on non-standard ports. I would like to set the local DoH resolver as a domestic upstream; probably the only way is to configure a fake domestic upstream and forward it to the local service with iptables.
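The compression pointers referred to in the wiki quote are RFC 1035 name compression. The block below is an added example, not code from ChinaDNS or https-dns-proxy: it encodes the two names from the dig output above both with and without a pointer, decodes both, and bounds pointer chasing so a looping pointer is rejected. The names and byte offsets are constructed sample input.

```python
# Added example, not ChinaDNS code: RFC 1035 name compression, using the two
# names from the issue's dig output as constructed sample input (offline).
import struct

def encode_name(name, offsets=None, base=0):
    """Encode a dotted name; with `offsets` (suffix -> offset) reuse an
    already-written suffix via a 2-byte pointer (0xC000 | offset)."""
    labels = name.rstrip(".").split(".")
    out = bytearray()
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if offsets is not None and suffix in offsets:
            out += struct.pack("!H", 0xC000 | offsets[suffix])
            return bytes(out)
        if offsets is not None:
            offsets[suffix] = base + len(out)
        label = labels[i].encode()
        out += bytes([len(label)]) + label
    out += b"\x00"
    return bytes(out)

def decode_name(msg, pos, max_jumps=16):
    """Decode a name at `pos`, following pointers; returns (name, next_pos).
    `max_jumps` bounds pointer chasing so a looping pointer cannot hang us."""
    labels, jumps, end = [], 0, None
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:  # pointer: 11xxxxxx xxxxxxxx
            if jumps >= max_jumps:
                raise ValueError("too many compression pointers")
            if end is None:
                end = pos + 2
            pos = struct.unpack("!H", msg[pos:pos + 2])[0] & 0x3FFF
            jumps += 1
            continue
        pos += 1
        if length == 0:
            break
        labels.append(msg[pos:pos + length].decode())
        pos += length
    return ".".join(labels) + ".", (end if end is not None else pos)

def build_answer_names(compress):
    """Write the two names from the dig output back to back; with compression
    the second name points at the shared 'facebook.com' suffix."""
    offsets = {} if compress else None
    first = encode_name("www.facebook.com", offsets, 0)
    second = encode_name("star-mini.c10r.facebook.com", offsets, len(first))
    return first + second
```

With compression the pair of names occupies 35 bytes instead of 47; a decoder that does not follow pointers (or does not bound them) is exactly where parsing differences between the two upstream notations show up.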
