summaryrefslogtreecommitdiffstats
path: root/sbin/unwind/resolver.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Implement unwindctl status memory to show chache memory usage.florian2019-12-181-1/+12
| | | | testing by otto & pamela as part of a larger diff
* Turn opportunistic DoT into their own strategies.florian2019-12-081-2/+1
| | | | | | | | | | | | This is beneficial since we prefer strategies according to their performance. Previously name servers were upgraded to opportunistic DoT if it was available even if the round trip times went through the roof and there was no way to got back to plain udp/53 DNS. To make up a bit of space in the unwindctl status output, name servers learned via DHCP or SLAAC are printed in a new subcommand. The status output will be further improved shortly. Input & OK otto
* Add an "all" mode for status and a much more compact and readable histogramotto2019-12-021-1/+3
| | | | display; remove the why bogus status message; ok florian@
* show median RTT in unwindctl statusflorian2019-11-281-1/+2
|
* Track all elements of a forwarder configuration individually:florian2019-11-281-2/+2
| | | | | | IP address, port and authentication name. This makes print_config less awkward and fixes a bug were an alternative port number was not printed.
* Instead of only considering if a resolving strategy is dead, works orflorian2019-11-271-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | validates, measure how well it is doing. We keep track of the round trip median time of past queries and sort strategies according to this in addition to the more basic qualities of does it resolve and does it validate. If a query is not answered within the median time the next best strategy gets a chance. The most prefered strategy (either from the config file or defaults) gets an additional head start of 200ms. A response of SERVFAIL also advances to the next best strategy. This is helpful when the picked strategy can only see parts of the internet but another strategy can reach more. This alone gets us past quite a few captive portals already. Additionally we doubt NXDOMAIN from anything but the stub resolver for the first 5 minutes after a network change. This is probably as good as the http check we had previously but more tests are needed. This was inspired by RFC 8305, "Happy Eyeballs". OK otto
* Nuke http captive portal detection; something better is coming.florian2019-11-271-2/+1
| | | | OK otto
* simplify histogram code and cut off at < limit, as the histogram display inotto2019-11-251-2/+1
| | | | unwindctl suggests; ok florian@
* Track on which interface nameservers have been learned.florian2019-11-211-3/+4
| | | | prodding deraadt@
* Print learned forwarders in unwindctl.florian2019-11-191-1/+6
| | | | | Someone please make this pretty. Tested by deraadt as part of a larger diff.
* *** empty log message ***otto2019-11-031-1/+2
|
* Add a config option to specify the preference of name servers.florian2019-04-021-16/+1
| | | | | Unfortunately the nameserver types enums needed to be renamed to not collide with yacc tokens.
* Introduce array of resolvers in preparation of custom orderingflorian2019-04-021-2/+2
|
* s/unwind_/uw_/ to save screen real estate; fix style(9) issues while hereflorian2019-02-171-8/+8
|
* Captive portal detection for unwind(8).florian2019-02-031-3/+5
|
* Implement DNS over TLS (DoT).florian2019-01-271-2/+4
|
* Import unwind(8).florian2019-01-231-0/+70
unwind(8) is a hybrid validating stub & recursive resolver. It actively observes the local net to decide how to best resolve names. It can chose to recurse on it's own or talk to dhcp provided forwardes or statically defined forwarders in the config file. The intention is to be able to run it on localhost on every machine. "toss it in man" deraadt@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.