Rename fallback_resolvers to bootstrap_resolvers

Clarify what they are used for.

Remove the legacy `fallback_resolver`.

dnscrypt-proxy/config.go

@@ -82,8 +82,8 @@ type Config struct {
 	SourceIPv4               bool                        `toml:"ipv4_servers"`
 	SourceIPv6               bool                        `toml:"ipv6_servers"`
 	MaxClients               uint32                      `toml:"max_clients"`
-	FallbackResolver         string                      `toml:"fallback_resolver"`
+	BootstrapResolversLegacy []string                    `toml:"fallback_resolvers"`
-	FallbackResolvers        []string                    `toml:"fallback_resolvers"`
+	BootstrapResolvers       []string                    `toml:"bootstrap_resolvers"`
 	IgnoreSystemDNS          bool                        `toml:"ignore_system_dns"`
 	AllWeeklyRanges          map[string]WeeklyRangesStr  `toml:"schedules"`
 	LogMaxSize               int                         `toml:"log_files_max_size"`
@@ -132,7 +132,7 @@ func newConfig() Config {
 		SourceDNSCrypt:           true,
 		SourceDoH:                true,
 		MaxClients:               250,
-		FallbackResolvers:        []string{DefaultFallbackResolver},
+		BootstrapResolvers:       []string{DefaultBootstrapResolver},
 		IgnoreSystemDNS:          false,
 		LogMaxSize:               10,
 		LogMaxAge:                7,
@@ -368,18 +368,18 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 	proxy.xTransport.tlsDisableSessionTickets = config.TLSDisableSessionTickets
 	proxy.xTransport.tlsCipherSuite = config.TLSCipherSuite
 	proxy.xTransport.mainProto = proxy.mainProto
-	if len(config.FallbackResolver) > 0 {
+	if len(config.BootstrapResolvers) == 0 && len(config.BootstrapResolversLegacy) > 0 {
-		config.FallbackResolvers = []string{config.FallbackResolver}
+		config.BootstrapResolvers = config.BootstrapResolversLegacy
 	}
-	if len(config.FallbackResolvers) > 0 {
+	if len(config.BootstrapResolvers) > 0 {
-		for _, resolver := range config.FallbackResolvers {
+		for _, resolver := range config.BootstrapResolvers {
 			if err := isIPAndPort(resolver); err != nil {
-				return fmt.Errorf("Fallback resolver [%v]: %v", resolver, err)
+				return fmt.Errorf("Bootstrap resolver [%v]: %v", resolver, err)
 			}
 		}
 		proxy.xTransport.ignoreSystemDNS = config.IgnoreSystemDNS
 	}
-	proxy.xTransport.fallbackResolvers = config.FallbackResolvers
+	proxy.xTransport.bootstrapResolvers = config.BootstrapResolvers
 	proxy.xTransport.useIPv4 = config.SourceIPv4
 	proxy.xTransport.useIPv6 = config.SourceIPv6
 	proxy.xTransport.keepAlive = time.Duration(config.KeepAlive) * time.Second
@@ -677,8 +677,8 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 	netprobeAddress := DefaultNetprobeAddress
 	if len(config.NetprobeAddress) > 0 {
 		netprobeAddress = config.NetprobeAddress
-	} else if len(config.FallbackResolvers) > 0 {
+	} else if len(config.BootstrapResolvers) > 0 {
-		netprobeAddress = config.FallbackResolvers[0]
+		netprobeAddress = config.BootstrapResolvers[0]
 	}
 	proxy.showCerts = *flags.ShowCerts || len(os.Getenv("SHOW_CERTS")) > 0
 	if !*flags.Check && !*flags.ShowCerts && !*flags.List && !*flags.ListAll {

dnscrypt-proxy/example-dnscrypt-proxy.toml

@@ -208,27 +208,37 @@ cert_refresh_delay = 240
 # tls_cipher_suite = [52392, 49199]
 
 
-## Fallback resolvers
+## Bootstrap resolvers
+##
 ## These are normal, non-encrypted DNS resolvers, that will be only used
-## for one-shot queries when retrieving the initial resolvers list, and
+## for one-shot queries when retrieving the initial resolvers list and the
-## only if the system DNS configuration doesn't work.
+## the system DNS configuration doesn't work.
 ##
-## No user application queries will ever be leaked through these resolvers,
+## No user queries will ever be leaked through these resolvers, and they will
-## and they will not be used after IP addresses of resolvers URLs have been found.
+## not be used after IP addresses of DoH resolvers have been found (if you are
-## They will never be used if lists have already been cached, and if stamps
+## using DoH).
-## don't include host names without IP addresses.
+##
+## They will never be used if lists have already been cached, and if the stamps
+## of the configured servers already include IP addresses (which is the case for
+## most of DoH servers, and for all DNSCrypt servers and relays).
+##
+## They will not be used if the configured system DNS works, or after the
+## proxy already has at least one usable secure resolver.
 ##
-## They will not be used if the configured system DNS works.
 ## Resolvers supporting DNSSEC are recommended, and, if you are using
-## DoH, fallback resolvers should ideally be operated by a different entity than
+## DoH, bootstrap resolvers should ideally be operated by a different entity
-## the DoH servers you will be using, especially if you have IPv6 enabled.
+## than the DoH servers you will be using, especially if you have IPv6 enabled.
 ##
-## People in China may need to use 114.114.114.114:53 here.
+## People in China may want to use 114.114.114.114:53 here.
-## Other popular options include 8.8.8.8 and 1.1.1.1.
+## Other popular options include 8.8.8.8, 9.9.9.9 and 1.1.1.1.
 ##
 ## If more than one resolver is specified, they will be tried in sequence.
+##
+## TL;DR: put valid standard resolver addresess here. Your actual queries will
+## not be sent there. If you're using DNSCrypt or Anonymized DNS and your
+## lists are up to date, these resolvers will not even be used.
 
-fallback_resolvers = ['9.9.9.9:53', '8.8.8.8:53']
+bootstrap_resolvers = ['9.9.9.9:53', '8.8.8.8:53']
 
 
 ## Always use the fallback resolver before the system DNS settings.

dnscrypt-proxy/xtransport.go

@@ -28,12 +28,12 @@ import (
 )
 
 const (
-	DefaultFallbackResolver = "9.9.9.9:53"
+	DefaultBootstrapResolver = "9.9.9.9:53"
-	DefaultKeepAlive        = 5 * time.Second
+	DefaultKeepAlive         = 5 * time.Second
-	DefaultTimeout          = 30 * time.Second
+	DefaultTimeout           = 30 * time.Second
-	SystemResolverIPTTL     = 24 * time.Hour
+	SystemResolverIPTTL      = 24 * time.Hour
-	MinResolverIPTTL        = 12 * time.Hour
+	MinResolverIPTTL         = 12 * time.Hour
-	ExpiredCachedIPGraceTTL = 15 * time.Minute
+	ExpiredCachedIPGraceTTL  = 15 * time.Minute
 )
 
 type CachedIPItem struct {
@@ -51,7 +51,7 @@ type XTransport struct {
 	keepAlive                time.Duration
 	timeout                  time.Duration
 	cachedIPs                CachedIPs
-	fallbackResolvers        []string
+	bootstrapResolvers       []string
 	mainProto                string
 	ignoreSystemDNS          bool
 	useIPv4                  bool
@@ -64,14 +64,14 @@ type XTransport struct {
 }
 
 func NewXTransport() *XTransport {
-	if err := isIPAndPort(DefaultFallbackResolver); err != nil {
+	if err := isIPAndPort(DefaultBootstrapResolver); err != nil {
-		panic("DefaultFallbackResolver does not parse")
+		panic("DefaultBootstrapResolver does not parse")
 	}
 	xTransport := XTransport{
 		cachedIPs:                CachedIPs{cache: make(map[string]*CachedIPItem)},
 		keepAlive:                DefaultKeepAlive,
 		timeout:                  DefaultTimeout,
-		fallbackResolvers:        []string{DefaultFallbackResolver},
+		bootstrapResolvers:       []string{DefaultBootstrapResolver},
 		mainProto:                "",
 		ignoreSystemDNS:          true,
 		useIPv4:                  true,
@@ -272,12 +272,12 @@ func (xTransport *XTransport) resolveUsingResolvers(proto, host string, resolver
 		ip, ttl, err = xTransport.resolveUsingResolver(proto, host, resolver)
 		if err == nil {
 			if i > 0 {
-				dlog.Infof("Resolution succeeded with fallback resolver %s[%s]", proto, resolver)
+				dlog.Infof("Resolution succeeded with bootstrap resolver %s[%s]", proto, resolver)
 				resolvers[0], resolvers[i] = resolvers[i], resolvers[0]
 			}
 			break
 		}
-		dlog.Infof("Unable to resolve [%s] using fallback resolver %s[%s]: %v", host, proto, resolver, err)
+		dlog.Infof("Unable to resolve [%s] using bootstrap resolver %s[%s]: %v", host, proto, resolver, err)
 	}
 	return
 }
@@ -307,18 +307,18 @@ func (xTransport *XTransport) resolveAndUpdateCache(host string) error {
 		}
 		for _, proto := range protos {
 			if err != nil {
-				dlog.Noticef("System DNS configuration not usable yet, exceptionally resolving [%s] using fallback resolvers over %s", host, proto)
+				dlog.Noticef("System DNS configuration not usable yet, exceptionally resolving [%s] using bootstrap resolvers over %s", host, proto)
 			} else {
-				dlog.Debugf("Resolving [%s] using fallback resolvers over %s", host, proto)
+				dlog.Debugf("Resolving [%s] using bootstrap resolvers over %s", host, proto)
 			}
-			foundIP, ttl, err = xTransport.resolveUsingResolvers(proto, host, xTransport.fallbackResolvers)
+			foundIP, ttl, err = xTransport.resolveUsingResolvers(proto, host, xTransport.bootstrapResolvers)
 			if err == nil {
 				break
 			}
 		}
 	}
 	if err != nil && xTransport.ignoreSystemDNS {
-		dlog.Noticef("Fallback resolvers didn't respond - Trying with the system resolver as a last resort")
+		dlog.Noticef("Bootstrap resolvers didn't respond - Trying with the system resolver as a last resort")
 		foundIP, ttl, err = xTransport.resolveUsingSystem(host)
 	}
 	if ttl < MinResolverIPTTL {
@@ -364,7 +364,7 @@ func (xTransport *XTransport) Fetch(method string, url *url.URL, accept string,
 		return nil, nil, 0, errors.New("Onion service is not reachable without Tor")
 	}
 	if err := xTransport.resolveAndUpdateCache(host); err != nil {
-		dlog.Errorf("Unable to resolve [%v] - Make sure that the system resolver works, or that `fallback_resolver` has been set to a resolver that can be reached", host)
+		dlog.Errorf("Unable to resolve [%v] - Make sure that the system resolver works, or that `bootstrap_resolvers` has been set to resolvers that can be reached", host)
 		return nil, nil, 0, err
 	}
 	req := &http.Request{