mirror of
https://github.com/DNSCrypt/dnscrypt-proxy.git
synced 2025-04-03 05:07:41 +03:00
Remove LargerResponsesDropped
dnsdist drops DNSCrypt queries shorter than 256 bytes, interpreting them as not being encrypted instead. This is surprising when doing ad-hoc testing, but absolutely fine, and we will never send shorter encrypted queries on normal circumstances. So, remove a useless knob.
This commit is contained in:
parent
fb04a62470
commit
74095d38ed
6 changed files with 12 additions and 40 deletions
|
@ -2,11 +2,10 @@
|
|||
- Version 1.4.0 of the dnsdist load balancer (presumably used by
|
||||
quad9, cleanbrowsing, qualityology, freetsa.org, ffmuc.net,
|
||||
opennic-bongobow, sth-dnscrypt-se, ams-dnscrypt-nl and more)
|
||||
unintentionally introduced a regression preventing large queries
|
||||
from being received over UDP. Temporary workarounds have been
|
||||
introduced to improve reliability with these resolvers for regular
|
||||
DNSCrypt. Unfortunately, anonymized DNS cannot be reliable until
|
||||
dnsdist is updated on these servers.
|
||||
is preventing queries over 1500 bytes from being received over UDP.
|
||||
Temporary workarounds have been introduced to improve reliability
|
||||
with these resolvers for regular DNSCrypt. Unfortunately, anonymized
|
||||
DNS cannot be reliable until dnsdist is updated on these servers.
|
||||
- New option in the `[anonymized_dns]` section: `skip_incompatible`,
|
||||
to ignore resolvers incompatible with Anonymized DNS instead of
|
||||
using them without a relay.
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue