doggo icon indicating copy to clipboard operation
doggo copied to clipboard

Published 20 hours ago verified publisher icon mr-karan

DNS over QUIC slow

Open moderation opened this issue 1 year ago • 1 comments

DNS queries over QUIC are always slow and appear to be hitting some sort of timeout. This behavior is the same on MacOS and Linux. Queries to @quic://dns.adguard.com are always over 6 seconds. This is using main branch and Go 1.21.0 and the following patch which appears to be required for the HTTPS queries:

diff --git a/pkg/resolvers/doq.go b/pkg/resolvers/doq.go
index 33bc47f..0242c99 100644
--- a/pkg/resolvers/doq.go
+++ b/pkg/resolvers/doq.go
@@ -26,7 +26,8 @@ type DOQResolver struct {
 func NewDOQResolver(server string, resolverOpts Options) (Resolver, error) {
        return &DOQResolver{
                tls: &tls.Config{
-                       NextProtos: []string{"doq"},
+                       InsecureSkipVerify: true,
+                       NextProtos:         []string{"doq"},
                },
                server:          server,
                resolverOptions: resolverOpts,

time doggo @https://cloudflare-dns.com/dns-query A AAAA HTTPS cloudflare.com;
time doggo @quic://dns.adguard.com A AAAA HTTPS cloudflare.com

NAME                   TYPE    CLASS   TTL     ADDRESS                                                 NAMESERVER
cloudflare.com.        A       IN      32s     104.16.132.229                                          https://cloudflare-dns.com/dns-query
cloudflare.com.        A       IN      32s     104.16.133.229                                          https://cloudflare-dns.com/dns-query
cloudflare.com.        AAAA    IN      136s    2606:4700::6810:84e5                                    https://cloudflare-dns.com/dns-query
cloudflare.com.        AAAA    IN      136s    2606:4700::6810:85e5                                    https://cloudflare-dns.com/dns-query
cloudflare.com.        HTTPS   IN      56s     1 . alpn="h3,h2"                                        https://cloudflare-dns.com/dns-query
                                               ipv4hint="104.16.132.229,104.16.133.229"
                                               ipv6hint="2606:4700::6810:84e5,2606:4700::6810:85e5"

________________________________________________________
Executed in  129.20 millis    fish           external
   usr time    4.88 millis   38.00 micros    4.84 millis
   sys time    4.80 millis  721.00 micros    4.08 millis

NAME                   TYPE    CLASS   TTL     ADDRESS                                                 NAMESERVER
cloudflare.com.        A       IN      212s    104.16.133.229                                          dns.adguard.com:853
cloudflare.com.        A       IN      212s    104.16.132.229                                          dns.adguard.com:853
cloudflare.com.        AAAA    IN      212s    2606:4700::6810:84e5                                    dns.adguard.com:853
cloudflare.com.        AAAA    IN      212s    2606:4700::6810:85e5                                    dns.adguard.com:853
cloudflare.com.        HTTPS   IN      300s    1 . alpn="h3,h2"                                        dns.adguard.com:853
                                               ipv4hint="104.16.132.229,104.16.133.229"
                                               ipv6hint="2606:4700::6810:84e5,2606:4700::6810:85e5"

________________________________________________________
Executed in    6.41 secs      fish           external
   usr time    5.65 millis   50.00 micros    5.60 millis
   sys time    5.51 millis  473.00 micros    5.04 millis

moderation avatar Aug 09 '23 20:08 moderation

This can be specified with --skip-hostname-verification.

mr-karan avatar Jun 28 '24 06:06 mr-karan

I've made some improvements in the resolver lookup. Seems fine on my end, so closing it:

$ time doggo @https://cloudflare-dns.com/dns-query A AAAA HTTPS cloudflare.com
NAME           	TYPE 	CLASS	TTL 	ADDRESS                                             	NAMESERVER
cloudflare.com.	A    	IN   	220s	104.16.132.229                                      	https://cloudflare-dns.com/dns-query
cloudflare.com.	A    	IN   	220s	104.16.133.229                                      	https://cloudflare-dns.com/dns-query
cloudflare.com.	AAAA 	IN   	211s	2606:4700::6810:84e5                                	https://cloudflare-dns.com/dns-query
cloudflare.com.	AAAA 	IN   	211s	2606:4700::6810:85e5                                	https://cloudflare-dns.com/dns-query
cloudflare.com.	HTTPS	IN   	300s	1 . alpn="h3,h2"                                    	https://cloudflare-dns.com/dns-query
               	     	     	    	ipv4hint="104.16.132.229,104.16.133.229"
               	     	     	    	ipv6hint="2606:4700::6810:84e5,2606:4700::6810:85e5"
doggo @https://cloudflare-dns.com/dns-query A AAAA HTTPS cloudflare.com  0.02s user 0.01s system 12% cpu 0.234 total

mr-karan avatar Jul 03 '24 16:07 mr-karan