Thomas Eizinger
Thomas Eizinger
Perhaps instead of reacting to the network stack here, we should only tolerate X number of failures from a certain DNS server before we remove it?
> We never find out if there is a new nic in the gateway that has the desired ip stack Roaming is also not handled today because we never rebind...
> > > We never find out if there is a new nic in the gateway that has the desired ip stack > > > > > > Roaming is...
We could perhaps query network interfaces periodically using `networkctl`? https://man.archlinux.org/man/networkctl.1.en
> The only issue with requiring a restart for network changes is that admins may not be able to easily reach them. On a discovery call earlier this week the...
This builds on a few other things that I am no longer sure I want to merge. Putting this on hold.
Closing this as outdated. Instead, we should implement proper NAT-ing of ICMP error messages.
Currently, we silently drop TCP connections to sentinel DNS servers I think. Should we maybe just respond with a TCP RST?
This sounds useful: https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet
Also: https://wiki.mozilla.org/Security/DNS_Over_HTTPS/Heuristics#VPN_or_Proxy