Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add disable ecs option #155

Closed
wants to merge 1 commit into from
Closed

add disable ecs option #155

wants to merge 1 commit into from

Conversation

shirakun
Copy link

@shirakun shirakun commented Jan 4, 2024

add disable ecs option

#154

@m13253
Copy link
Owner

m13253 commented Jan 4, 2024

Here are my questions about this change.

I don’t quite understand why we need this option, because:

  1. It doesn’t really disable GeoDNS as the upstream server can still use doh-server’s IP.
    (Omitting an ECS field doesn’t mean turning it off. Sending a +subnet=0 explicitly does.)
  2. ECS can be disabled at client side.
    If using dig, the +subnet=0 option turns off ECS. (man page)
    If using doh-client, the no_ecs = true option turns off ECS.
  3. ECS can be disabled at HTTP SLB side.
    Forwarding the client’s IP address is always optional. If you don’t want the client’s IP, why forward it at the first place?
  4. If you have a DNS cache, ECS can also be disabled at DNS cache.
    I believe most DNS cache either allows you to turn off ECS, or doesn’t support ECS so ECS tag is automatically ignored.

Furthermore, as DoH is very difficult to deploy on anycast, ECS is very important to ensure GeoDNS performance. I don’t want service operators to blindly turn off ECS without spending an hour thinking it twice.
(Although there are DoH providers that deliberately disable ECS (e.g. Cloudflare), it’s because they have massive PoP network, and their PoP may reside in the same city with their users, so the IP address of their PoP can be used in substitute of the IP address of their users. It does hides what ISP you are using, but your geographical location is still disclosed.)

Also, some minor suggestions:

  1. the option should be called no_ecs to be consistent with doh-client.
  2. No ; at the end to be consistent with other options.
  3. ECS is only one part of EDNS, so the comment needs to be rewritten.

I haven’t yet decided to merge this change. Please persuade me.

@shirakun
Copy link
Author

shirakun commented Jan 4, 2024

Hi
I understand your confusion.
This is a scenario that very few people will ever use.
I'm going to use a picture to describe the scenario.

image

In addition, in this case ContryA cannot connect directly to public DNS servers like Google DNS.


This DNS architecture is often used with proxies

If the CountryA DNS server is excluded, then the CountryA Client will get a CountryB CDN IP.
The CountryB CDN IP will be requested through the Proxy.
This will cause the CountryA Gov to track the Client through the Client Account.
Client will face 7 days to 1 year imprisonment.

@m13253
Copy link
Owner

m13253 commented Jan 4, 2024

You might want to consider combining doh-server with my another project https://github.com/m13253/geodns-injector. Originally developed to allow correct resolution of NetEase Music domain names.

You can put whatever IP into geodns-injector, allowing you to get geographically relevant results while keeping IP private (unless the client IP matches the configured passthrough country).

Actually doh-client and doh-server only submit IP prefix up to /24 (up to /48 for IPv6, some implementations use /56). This is determined to be the smallest IP prefix allowed in public BGP infrastructure, allowing geographical relevance, but preventing tracking each single user.

@shirakun shirakun closed this Jan 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants