Thomas Eizinger
Thomas Eizinger
We can't control which DNS server is picked by the operating system. We create a 1-to-1 mapping for each configured DNS server. We could start doing NAT64 or NAT46 for...
> If we don't have a valid IPv4 or IPv6 socket we shouldn't advertise these as sentinels. Unfortunately, that isn't as easy to determine as we thought it is. A...
The other thing we can build is some kind of circuit-breaker. If we notice that queries to a certain DNS server keep failing or it doesn't respond, we can disable...
> > Receive an ICMP error => Send an ICMP error to the app > > I think in theory this makes sense, but in all my years of app...
Moved this to backlog because we couldn't reproduce it.
With https://github.com/firezone/firezone/pull/6999 in place, we should be able to do this quite easily. We only need to fix https://github.com/quinn-rs/quinn/issues/1971 in order to immediately fail the query so we can respond...
I recently submitted https://github.com/quinn-rs/quinn/pull/2017 which will allow us to fail the DNS query instantly in that case and report back SERVFAIL. Wondering if that will be enough! If not, we...
> What we could do here is detect the quinn::udp `OS error 49` when we fail to send packets to IPv6 or IPv4 relays and mark those sockets as unusable....
We should fix this by extending our NAT to be able to handle ICMP error messages and not just echo requests & replies. See https://github.com/firezone/firezone/issues/5614.
> Looks nice. I'd have to know how weird the buttons and callbacks and stuff are before committing to it Have you ever worked with React? It is basically the...