DNS resolver cache daemon, DNS server with caches support. http://git.kilabit.info/rescached/atom?h=v4.1.0 2021-12-03T17:53:19Z 2021-12-03T17:53:19Z Shulhan ms@kilabit.info 2021-12-03T17:53:19Z urn:sha1:fb234bbd79b6b4766031a3696e078966738c9d14 == Breaking changes * all: remove using tcp scheme in config and documentation Using TCP for parent name server is discouraged, because most of server disallow keeping the connection alive. The valid use case for TCP connection is when server received truncated UDP answer. Using UDP as parent scheme, will automatically assume that the server also capable of handling query in TCP. This is required when client (for example, your browser) re-send the query after receiving truncated UDP answer. Any query received by rescached through TCP will forwarded to the parent name server as TCP too, using the same address and port defined in one of UDP parent. While at it, use Cloudflare DNS server as default in configuration and as example in documentation. == New features * Add support to save and load caches to/from storage upon restart rescached now able to save and load caches to local storage upon restart. On POSIX, the caches is stored in /var/cache/rescached/rescached.gob, encoded using gob. Update #9 == Bug fixes * make the TCP forwarders as complementary of UDP The TCP forwarders only active when client send the DNS request as TCP. When the server receive that request it should also forward the request as TCP not as UDP to prevent the truncated response. Another use case for TCP is when the response is truncated, the client will send the query back through TCP connection. The server should forward this request using TCP instead of UDP. == Enhancements * remove the fallback name servers (NS) from server options The original idea of fallback NS is to send the query to the one define in resolv.conf, instead of using the one defined by user in ServerOptions NameServers, when an error occured. But, most of error usually caused by network (disconnected, time out), so re-sending query to fallback NS does not have any effect if the network it self is not working. This changes remove the unnecessary and complex fallback NS from server. * Do not cache truncated answer Previously only answer with non-zero response code is ignored. This changes ignore also answer where response header is truncated. 2021-12-03T17:44:07Z Shulhan ms@kilabit.info 2021-12-03T17:44:07Z urn:sha1:4070dc72fd494e81fabaaeee16f3804e575f3c62 This changes update the code based on refactoring on lib/dns package on share module. 2021-11-14T07:36:23Z Shulhan ms@kilabit.info 2021-11-14T07:35:45Z urn:sha1:33b6afc6e94eb01fac34be142b468b0d824b1273 Using TCP for parent name server is discouraged, because most of server disallow keeping the connection alive. The valid use case for TCP connection is when server received truncated UDP answer. Using UDP as parent scheme, will automatically assume that the server also capable of handling query in TCP. This is required when client (for example, your browser) re-send the query after receiving truncated UDP answer. Any query received by rescached through TCP will forwarded to the parent name server as TCP too, using the same address and port defined in one of UDP parent. While at it, use Cloudflare DNS server as default in configuration and as example in documentation. 2021-11-14T07:01:10Z Shulhan ms@kilabit.info 2021-11-14T07:01:10Z urn:sha1:7e545957536142a995ee8176c2b2a44f085e5dfb The update bring new features and enhancements for DNS server. * add support to save and load caches to/from storage rescached now able to save and load caches to local storage upon restart. On POSIX, the caches is stored in /var/cache/rescached/rescached.gob, encoded using gob. Update #9 * remove the fallback name servers (NS) from server options The original idea of fallback NS is to send the query to the one define in resolv.conf, instead of using the one defined by user in ServerOptions NameServers, when an error occured. But, most of error usually caused by network (disconnected, time out), so re-sending query to fallback NS does not have any effect if the network it self is not working. This changes remove the unnecessary and complex fallback NS from server. * do not cache truncated answer Previously only answer with non-zero response code is ignored. This changes ignore also answer where response header is truncated. * lib/dns: make the TCP forwarders as complementary of UDP The TCP forwarders only active when client send the DNS request as TCP. When the server receive that request it should also forward the request as TCP not as UDP to prevent the truncated response. Another use case for TCP is when the response is truncated, the client will send the query back through TCP connection. The server should forward this request using TCP instead of UDP. 2021-11-14T06:30:00Z Shulhan ms@kilabit.info 2021-11-14T06:30:00Z urn:sha1:be4d9303ec1a8e99047b7c2719b48497481eac40 2021-11-14T06:29:30Z Shulhan ms@kilabit.info 2021-11-14T06:29:30Z urn:sha1:6ad34830510689cd33f4cdc395f8ea22be323c81 Previously, the deploy task is to deploy the new version of rescached to my personal, public server. To make the task names consistent with macos (install-macos, deploy-macos, ...), we rename the deploy to deploy-personal-server; and the deploy task is default to deploying to Linux. 2021-11-06T10:13:34Z Shulhan ms@kilabit.info 2021-11-06T10:13:34Z urn:sha1:305190a2b2236f74aab7955b85a7933dac6de2d6 2021-07-12T17:07:28Z Shulhan ms@kilabit.info 2021-07-12T17:07:28Z urn:sha1:7d636ad2f88834ad7162dfea8096628b630ed736 Changes affected by update, * lib/http: changes on Endpoint.Call function signature * lib/http: changes on CORS configuration * lib/test: changes on the Assert function signature 2021-01-25T17:05:16Z Shulhan ms@kilabit.info 2021-01-25T17:05:16Z urn:sha1:004ca8bc561162deb1a58a82cbdcca241de9a6cb == New features Rescached now have a web user interface (wui) that can be accessed at http://127.0.0.1:5380. The interface can be used to monitoring caches, managing caches, environment, blocked hosts, internal hosts files, and zone files. == Breaking changes * The `rescached::dir.hosts` now default to "/etc/rescached/hosts.d" * The `rescached::dir.master` now default to "/etc/rescached/zone.d" 2021-01-25T16:59:34Z Shulhan ms@kilabit.info 2021-01-25T16:59:34Z urn:sha1:4f9e0bb76ce80aeeecfb539a5d41ffbf8402e638 Since the default parent is DNS over TLS, https://18.136.35.199, which is run using self-signed certificate, we need to allow_insecure to true to make the forward can connect without error.