edns参数只支持全局配置，不支持单独配置

[giveup]

经过验证。对于edns-client-subnet参数只支持全局配置，无法在某个上游服务器单独配置。

对于下面这种配置，edns参数不生效

server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic -subnet 113.65.29.0/24
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic -subnet 113.65.29.0/24
server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24

但是启动的时候，也没报错

root@AX6S:/etc/smartdns# ./smartdns-rs run -c ./smartdns-rs.conf 
2024-03-28 08:03:18.937:INFO: Smart-DNS 🐋 0.7.2 starting
2024-03-28 08:03:18.937:INFO: loading configuration from: "./smartdns-rs.conf"
2024-03-28 08:03:18.938:WARN:smartdns::config::parser::nameserver:131: unknown server options: http-host, Some("dns.alidns.com")
2024-03-28 08:03:18.939:WARN:smartdns::config::parser::nameserver:131: unknown server options: http-host, Some("dns.alidns.com")
2024-03-28 08:03:18.939:WARN:smartdns::config::parser::nameserver:131: unknown server options: http-host, Some("dns.alidns.com")
2024-03-28 08:03:18.939:WARN:smartdns::config::parser::nameserver:131: unknown server options: http-host, Some("dns.alidns.com")
2024-03-28 08:03:18.943:INFO: whoami 👉 smartdns-rs
2024-03-28 08:03:18.943:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: ["domestic"]] 
2024-03-28 08:03:18.943:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: ["domestic"]] 
2024-03-28 08:03:18.943:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: ["oversea"]] 
2024-03-28 08:03:18.943:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: ["oversea"]] 
2024-03-28 08:03:18.944:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: default]
2024-03-28 08:03:18.944:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: default]
2024-03-28 08:03:18.944:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: default]
2024-03-28 08:03:18.944:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: default]
2024-03-28 08:03:18.959:INFO: bootstrap-dns https://223.5.5.5/dns-query?ssl_verify=false
2024-03-28 08:03:18.960:INFO: bootstrap-dns https://223.6.6.6/dns-query?ssl_verify=false
2024-03-28 08:03:18.960:INFO: bootstrap-dns https://223.5.5.5/dns-query?ssl_verify=false
2024-03-28 08:03:18.960:INFO: bootstrap-dns https://223.6.6.6/dns-query?ssl_verify=false
2024-03-28 08:03:18.961:INFO: listening for UDP on 192.168.31.1:1053@br-lan
2024-03-28 08:03:18.961:INFO: listening for UDP on 127.0.0.1:1053@lo
2024-03-28 08:03:18.961:INFO: listening for UDP on 192.168.31.1:1054@br-lan
2024-03-28 08:03:18.961:INFO: listening for UDP on 127.0.0.1:1054@lo

查看代码发现有相关的单元测试
https://github.com/mokeyish/smartdns-rs/blob/main/src/dns_conf.rs#L1015

[giveup]

#231 这个应该是一样的问题

[mokeyish]

好，我周末看一下

[mokeyish]

增加了日志打印，测试是配置进去的。

[giveup]

似乎没有什么变化@mokeyish

2024-03-31 04:47:31.51:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:42027
2024-03-31 04:47:31.52:DEBUG:smartdns::app:370: request:43609 src:UDP://127.0.0.1#42027 type:QUERY dnssec:false QUERY:www.bing.com.:A:IN qflags:RD,AD
2024-03-31 04:47:31.52:DEBUG:smartdns::dns_client:248: initialize name server [Group: domestic]
2024-03-31 04:47:31.53:DEBUG:smartdns::dns_mw_ns:84: query name: www.bing.com. type: A via [Group: domestic]
2024-03-31 04:47:37.885:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:58684
2024-03-31 04:47:37.885:DEBUG:smartdns::app:370: request:9833 src:UDP://127.0.0.1#58684 type:QUERY dnssec:false QUERY:www.bing.com.:A:IN qflags:RD,AD
2024-03-31 04:47:37.885:DEBUG:smartdns::dns_client:248: initialize name server [Group: oversea]
2024-03-31 04:47:37.886:DEBUG:smartdns::dns_mw_ns:84: query name: www.bing.com. type: A via [Group: oversea]

root@AX6S:~# dig @127.0.0.1 -p 1053 www.bing.com

; <<>> DiG 9.18.24 <<>> @127.0.0.1 -p 1053 www.bing.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43609
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		600	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 600 IN CNAME cn-bing-com.cn.a-0001.a-msedge.net.
cn-bing-com.cn.a-0001.a-msedge.net. 600	IN CNAME china.bing123.com.
china.bing123.com.	600	IN	A	202.89.233.100
china.bing123.com.	600	IN	A	202.89.233.101

;; Query time: 80 msec
;; SERVER: 127.0.0.1#1053(127.0.0.1) (UDP)
;; WHEN: Sun Mar 31 12:47:31 HKT 2024
;; MSG SIZE  rcvd: 184

root@AX6S:~# dig @127.0.0.1 -p 1054 www.bing.com

; <<>> DiG 9.18.24 <<>> @127.0.0.1 -p 1054 www.bing.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9833
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		600	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 600 IN CNAME cn-bing-com.cn.a-0001.a-msedge.net.
cn-bing-com.cn.a-0001.a-msedge.net. 600	IN CNAME china.bing123.com.
china.bing123.com.	600	IN	A	202.89.233.100
china.bing123.com.	600	IN	A	202.89.233.101

;; Query time: 10 msec
;; SERVER: 127.0.0.1#1054(127.0.0.1) (UDP)
;; WHEN: Sun Mar 31 12:47:37 HKT 2024
;; MSG SIZE  rcvd: 184

这是开启全局edns的日志

2024-03-31 04:55:31.804:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:59800
2024-03-31 04:55:31.804:DEBUG:smartdns::app:370: request:6887 src:UDP://127.0.0.1#59800 type:QUERY dnssec:false QUERY:www.bing.com.:A:IN qflags:RD,AD
2024-03-31 04:55:31.805:DEBUG:smartdns::dns_client:248: initialize name server [Group: domestic]
2024-03-31 04:55:31.805:DEBUG:smartdns::dns_mw_ns:84: query name: www.bing.com. type: A via [Group: domestic]
2024-03-31 04:55:36.349:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:55994
2024-03-31 04:55:36.350:DEBUG:smartdns::app:370: request:41103 src:UDP://127.0.0.1#55994 type:QUERY dnssec:false QUERY:www.bing.com.:A:IN qflags:RD,AD
2024-03-31 04:55:36.350:DEBUG:smartdns::dns_client:248: initialize name server [Group: oversea]
2024-03-31 04:55:36.350:DEBUG:smartdns::dns_mw_ns:84: query name: www.bing.com. type: A via [Group: oversea]

root@AX6S:~# dig @127.0.0.1 -p 1053 www.bing.com

; <<>> DiG 9.18.24 <<>> @127.0.0.1 -p 1053 www.bing.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6887
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		600	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 600 IN CNAME www.bing.com.edgekey.net.
www.bing.com.edgekey.net. 600	IN	CNAME	e86303.dscx.akamaiedge.net.
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.69
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.81
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.72
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.78
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.91
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.70
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.82
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.71
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.87

;; Query time: 80 msec
;; SERVER: 127.0.0.1#1053(127.0.0.1) (UDP)
;; WHEN: Sun Mar 31 12:55:31 HKT 2024
;; MSG SIZE  rcvd: 295

root@AX6S:~# dig @127.0.0.1 -p 1054 www.bing.com

; <<>> DiG 9.18.24 <<>> @127.0.0.1 -p 1054 www.bing.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41103
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		600	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 600 IN CNAME www.bing.com.edgekey.net.
www.bing.com.edgekey.net. 600	IN	CNAME	e86303.dscx.akamaiedge.net.
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.83
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.90
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.87
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.81
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.68
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.69
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.70
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.80
e86303.dscx.akamaiedge.net. 600	IN	A	23.212.250.91

;; Query time: 10 msec
;; SERVER: 127.0.0.1#1054(127.0.0.1) (UDP)
;; WHEN: Sun Mar 31 12:55:36 HKT 2024
;; MSG SIZE  rcvd: 295

root@AX6S:~# 

并且还有个bug，如果同时开启全局edns和上游服务器edns-subnet，那么全局的edns会失效，并且上游服务器自己的ends-subnet也会失效，等于没有配置任何edns，单独开启全局edns关闭上游edns-subnet则正常工作。单独配置上游edns-subnet不生效。
版本是交叉编译的的arm64版本（aarch64-unknown-linux-musl）

[mokeyish]

这不可能吧，代码里是优先上游服务器的没有才使用全局的，明明白白的写在这，不会反过来。

https://github.com/mokeyish/smartdns-rs/blob/main/src/dns_client.rs#L608-L610

你可以把我截图那代码改动，改上去编译看看。

你可以 dig 命令测试的。

[giveup]

图片的改动我手动修改了，但是测试下了，似乎没有变化
首先是结果

root@AX6S:~# dig @127.0.0.1 -p 1054 www.bing.com

; <<>> DiG 9.18.24 <<>> @127.0.0.1 -p 1054 www.bing.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21114
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		600	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 600 IN CNAME cn-bing-com.cn.a-0001.a-msedge.net.
cn-bing-com.cn.a-0001.a-msedge.net. 600	IN CNAME china.bing123.com.
china.bing123.com.	600	IN	A	202.89.233.100
china.bing123.com.	600	IN	A	202.89.233.101

;; Query time: 79 msec
;; SERVER: 127.0.0.1#1054(127.0.0.1) (UDP)
;; WHEN: Tue Apr 02 15:22:35 HKT 2024
;; MSG SIZE  rcvd: 184

返回的是国内CDN的IP，说明并没有遵循edns设置。
接下来是日志打印，请求的确被发送到设置了国外IP的dns组，日志显示的subnet IP和配置文件一致

2024-04-02 07:22:35.139:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:46103
2024-04-02 07:22:35.140:DEBUG:smartdns::app:370: request:21114 src:UDP://127.0.0.1#46103 type:QUERY dnssec:false QUERY:www.bing.com.:A:IN qflags:RD,AD
2024-04-02 07:22:35.140:DEBUG:smartdns::dns_client:245: initialize name server [Group: oversea]
2024-04-02 07:22:35.141:DEBUG:smartdns::dns_client:587: DnsUrl { proto: Https, host: Ipv4(223.6.6.6), port: None, path: Some("/dns-query"), ip: None, params: {"ssl_verify": "false"}, fragment: None } client_subnet =>Some(ClientSubnet { address: 103.225.87.0, source_prefix: 24, scope_prefix: 0 })
2024-04-02 07:22:35.141:DEBUG:smartdns::dns_client:587: DnsUrl { proto: Https, host: Ipv4(223.5.5.5), port: None, path: Some("/dns-query"), ip: None, params: {"ssl_verify": "false"}, fragment: None } client_subnet =>Some(ClientSubnet { address: 103.225.87.0, source_prefix: 24, scope_prefix: 0 })
2024-04-02 07:22:35.141:DEBUG:smartdns::dns_mw_ns:84: query name: www.bing.com. type: A via [Group: oversea]

部分配置文件

bind :1054@br-lan  -no-speed-check -no-dualstack-selection -force-aaaa-soa -group oversea
bind :1054@lo  -no-speed-check -no-dualstack-selection -force-aaaa-soa -group oversea
server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24

接下来是全局edns设置的测试情况
请求日志打印

2024-04-02 07:33:23.489:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:57729
2024-04-02 07:33:23.490:DEBUG:smartdns::app:370: request:48765 src:UDP://127.0.0.1#57729 type:QUERY dnssec:false QUERY:www.bing.com.:A:IN qflags:RD,AD
2024-04-02 07:33:23.490:DEBUG:smartdns::dns_client:245: initialize name server [Group: oversea]
2024-04-02 07:33:23.490:DEBUG:smartdns::dns_client:587: DnsUrl { proto: Https, host: Ipv4(223.5.5.5), port: None, path: Some("/dns-query"), ip: None, params: {"ssl_verify": "false"}, fragment: None } client_subnet =>Some(ClientSubnet { address: 103.225.87.0, source_prefix: 24, scope_prefix: 0 })
2024-04-02 07:33:23.491:DEBUG:smartdns::dns_client:587: DnsUrl { proto: Https, host: Ipv4(223.6.6.6), port: None, path: Some("/dns-query"), ip: None, params: {"ssl_verify": "false"}, fragment: None } client_subnet =>Some(ClientSubnet { address: 103.225.87.0, source_prefix: 24, scope_prefix: 0 })
2024-04-02 07:33:23.491:DEBUG:smartdns::dns_mw_ns:84: query name: www.bing.com. type: A via [Group: oversea]

配置文件，必须把所有上游dns的单独的subnet参数去掉

bind :1053@br-lan -group domestic
bind :1053@lo -group domestic
bind :1054@br-lan  -no-speed-check -no-dualstack-selection -force-aaaa-soa -group oversea
bind :1054@lo  -no-speed-check -no-dualstack-selection -force-aaaa-soa -group oversea
edns-client-subnet 103.225.87.0/24
server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic
server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea

返回结果，符合预期，返回的IP为海外

root@AX6S:~# dig @127.0.0.1 -p 1054 www.bing.com

; <<>> DiG 9.18.24 <<>> @127.0.0.1 -p 1054 www.bing.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48765
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		600	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 600 IN CNAME www-bing-com.dual-a-0001.a-msedge.net.
www-bing-com.dual-a-0001.a-msedge.net. 600 IN CNAME dual-a-0001.a-msedge.net.
dual-a-0001.a-msedge.net. 600	IN	A	204.79.197.200
dual-a-0001.a-msedge.net. 600	IN	A	13.107.21.200

;; Query time: 69 msec
;; SERVER: 127.0.0.1#1054(127.0.0.1) (UDP)
;; WHEN: Tue Apr 02 15:33:23 HKT 2024
;; MSG SIZE  rcvd: 173

从新增的打印日志来看，请求时用的subnet IP确实是参数配置的，但是返回结果却不符合预期。
请问我这边还需要做什么来验证？

[mokeyish]

你用这个 https://clouddocs.f5.com/training/community/dns/html/class4/module1/lab3.html

直接用dig 查询，带上client subnet 选项，比较是否与smartdns的一致。

更进一步，可以用 wireshark 抓包看看，是否带上了client subnet 但是这样，上游就必须用 udp 明文协议了。

[giveup]

我测试的时候用的就是dig

root@AX6S:~# dig -v
DiG 9.18.24

测试流程，smartdns-rs监听1053/1054，分别对应国内海外域名
使用dig工具模拟dns查询请求
抓包可能不好操作，因为这些测试用例都是在路由器里面跑的。

[mokeyish]

让你用这个测试对比

[giveup]

让你用这个测试对比

没理解这个意思，在dig请求上带上subnet，不符合实际场景，实际场景是路由器内进程发送udp请求给smartdns，然后返回结果，这些进程发送请求时也不会带上subnet的。

root@AX6S:~# dig @127.0.0.1 -p 1054  www.bing.com +subnet=9.9.9.0/24

; <<>> DiG 9.18.24 <<>> @127.0.0.1 -p 1054 www.bing.com +subnet=9.9.9.0/24
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1381
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		600	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 600 IN CNAME cn-bing-com.cn.a-0001.a-msedge.net.
cn-bing-com.cn.a-0001.a-msedge.net. 600	IN CNAME china.bing123.com.
china.bing123.com.	600	IN	A	202.89.233.100
china.bing123.com.	600	IN	A	202.89.233.101

;; Query time: 69 msec
;; SERVER: 127.0.0.1#1054(127.0.0.1) (UDP)
;; WHEN: Tue Apr 02 20:01:04 HKT 2024
;; MSG SIZE  rcvd: 184

如果是正常发给阿里dns返回的结果则符合预期

root@AX6S:~# dig @223.5.5.5  www.bing.com +subnet=9.9.9.0/24

; <<>> DiG 9.18.24 <<>> @223.5.5.5 www.bing.com +subnet=9.9.9.0/24
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64087
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; CLIENT-SUBNET: 9.9.9.0/24/24
;; QUESTION SECTION:
;www.bing.com.			IN	A

;; ANSWER SECTION:
www.bing.com.		1	IN	CNAME	www-www.bing.com.trafficmanager.net.
www-www.bing.com.trafficmanager.net. 1 IN CNAME	cn-bing-com.cn.a-0001.a-msedge.net.
cn-bing-com.cn.a-0001.a-msedge.net. 1 IN CNAME	a-0001.a-msedge.net.
a-0001.a-msedge.net.	1	IN	A	13.107.21.200
a-0001.a-msedge.net.	1	IN	A	204.79.197.200

;; Query time: 9 msec
;; SERVER: 223.5.5.5#53(223.5.5.5) (UDP)
;; WHEN: Tue Apr 02 20:01:37 HKT 2024
;; MSG SIZE  rcvd: 192

[mokeyish]

@giveup 你是指单个域名支持配置 edns? 这个确实未支持，不过可以加一下。

[mokeyish]

#300 @giveup 看看这个 PR。。。

domain-rules /github.com/ --client-subnet 9.9.9.0/24

[giveup]

似乎并没有什么变化。 @mokeyish
我想表达的意思是，按DNS组支持单独配置不同的client-subnet，例如国内组使用x.x.x.x IP作为subnet，海外组使用y.y.y.y IP作为 subnet。

2024-06-10 05:50:34.615:INFO: Smart-DNS 🐋 0.8.4 🕙 Mon Jun 10 05:40:58 UTC 2024 starting
2024-06-10 05:50:34.615:INFO: whoami 👉 smartdns-rs
2024-06-10 05:50:34.615:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: ["domestic"]] 
2024-06-10 05:50:34.615:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: ["domestic"]] 
2024-06-10 05:50:34.615:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: ["oversea"]] 
2024-06-10 05:50:34.615:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: ["oversea"]] 
2024-06-10 05:50:34.615:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: default]
2024-06-10 05:50:34.615:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: default]
2024-06-10 05:50:34.615:INFO: upstream server: https://223.5.5.5/dns-query?ssl_verify=false [Group: default]
2024-06-10 05:50:34.615:INFO: upstream server: https://223.6.6.6/dns-query?ssl_verify=false [Group: default]
2024-06-10 05:50:34.630:INFO: bootstrap-dns https://223.5.5.5/dns-query?ssl_verify=false
2024-06-10 05:50:34.630:INFO: bootstrap-dns https://223.6.6.6/dns-query?ssl_verify=false
2024-06-10 05:50:34.630:INFO: bootstrap-dns https://223.5.5.5/dns-query?ssl_verify=false
2024-06-10 05:50:34.630:INFO: bootstrap-dns https://223.6.6.6/dns-query?ssl_verify=false
2024-06-10 05:50:34.631:DEBUG:smartdns::dns_client:184: append https://223.5.5.5/dns-query?ssl_verify=false to default group.
2024-06-10 05:50:34.631:DEBUG:smartdns::dns_client:184: append https://223.6.6.6/dns-query?ssl_verify=false to default group.
2024-06-10 05:50:34.631:DEBUG:smartdns::dns_client:184: append https://223.5.5.5/dns-query?ssl_verify=false to default group.
2024-06-10 05:50:34.631:DEBUG:smartdns::dns_client:184: append https://223.6.6.6/dns-query?ssl_verify=false to default group.
2024-06-10 05:50:34.631:DEBUG:smartdns::dns_client:197: create name server [Group: domestic], servers 2
2024-06-10 05:50:34.631:DEBUG:smartdns::dns_client:197: create name server [Group: oversea], servers 2
2024-06-10 05:50:34.631:DEBUG:smartdns::dns_client:197: create name server [Group: Default], servers 4
2024-06-10 05:50:34.631:DEBUG:smartdns::server::net:339: binding UDP to 192.168.31.1:1053@br-lan
2024-06-10 05:50:34.631:INFO: listening for UDP on 192.168.31.1:1053@br-lan
2024-06-10 05:50:34.631:DEBUG:smartdns::server::net:339: binding UDP to 127.0.0.1:1053@lo
2024-06-10 05:50:34.631:INFO: listening for UDP on 127.0.0.1:1053@lo
2024-06-10 05:50:34.632:DEBUG:smartdns::server::net:339: binding UDP to 192.168.31.1:1054@br-lan
2024-06-10 05:50:34.632:INFO: listening for UDP on 192.168.31.1:1054@br-lan
2024-06-10 05:50:34.632:DEBUG:smartdns::server::net:339: binding UDP to 127.0.0.1:1054@lo
2024-06-10 05:50:34.632:INFO: listening for UDP on 127.0.0.1:1054@lo
2024-06-10 05:50:34.632:INFO: 
2024-06-10 05:50:34.632:INFO:      _____                      _       _____  _   _  _____ 
2024-06-10 05:50:34.632:INFO:     / ____|                    | |     |  __ \| \ | |/ ____|
2024-06-10 05:50:34.632:INFO:    | (___  _ __ ___   __ _ _ __| |_    | |  | |  \| | (___  
2024-06-10 05:50:34.632:INFO:     \___ \| '_ ` _ \ / _` | '__| __|   | |  | | . ` |\___ \ 
2024-06-10 05:50:34.633:INFO:     ____) | | | | | | (_| | |  | |_    | |__| | |\  |____) |
2024-06-10 05:50:34.633:INFO:    |_____/|_| |_| |_|\__,_|_|   \__|   |_____/|_| \_|_____/ 
2024-06-10 05:50:34.633:INFO: 
2024-06-10 05:50:34.633:INFO: awaiting connections...
2024-06-10 05:50:34.633:INFO: server starting up
2024-06-10 05:51:01.99:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:59088
2024-06-10 05:51:01.99:DEBUG:smartdns::app:391: request:50453 src:UDP://127.0.0.1#59088 type:QUERY dnssec:false QUERY:www.amd.com.:A:IN qflags:RD,AD
2024-06-10 05:51:01.99:DEBUG:smartdns::dns_client:249: initialize name server [Group: oversea]
2024-06-10 05:51:01.99:DEBUG:smartdns::dns_mw_ns:96: query name: www.amd.com. type: A via [Group: oversea]
2024-06-10 05:51:01.99:DEBUG:smartdns::dns_client:697: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-10 05:51:01.100:DEBUG:smartdns::dns_client:697: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-10 05:51:01.174:DEBUG:smartdns::dns_mw_cache:330: Domain prefetch check will be performed in 1s.
2024-06-10 05:51:10.133:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:47673
2024-06-10 05:51:10.134:DEBUG:smartdns::app:391: request:13418 src:UDP://127.0.0.1#47673 type:QUERY dnssec:false QUERY:www.amd.com.:A:IN qflags:RD,AD
2024-06-10 05:51:10.134:DEBUG:smartdns::dns_client:249: initialize name server [Group: domestic]
2024-06-10 05:51:10.135:DEBUG:smartdns::dns_mw_ns:96: query name: www.amd.com. type: A via [Group: domestic]
2024-06-10 05:51:10.135:DEBUG:smartdns::dns_client:697: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-10 05:51:10.135:DEBUG:smartdns::dns_client:697: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-10 05:51:10.144:DEBUG:smartdns::dns_mw_cache:330: Domain prefetch check will be performed in 21s.

从日志来看，两个组使用的subnet IP都是113.65.29.0，但配置文件里确实配置的是不同的IP。此种配置方式在C版是支持的。如果rust版没有支持的打算也许应该在日志里警告以提醒用户。

server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic -subnet 113.65.29.0/24
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic -subnet 113.65.29.0/24
server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24

简单使用日志分析了下，初始化每个组使用的subnet确实和配置文件一样，但是到了查询部分，使用的subnet却是同一个。由于实在不懂rust，也没办法进一步分析了。

2024-06-11 06:00:44.471:DEBUG:smartdns::dns_client:249: initialize name server [Group: domestic]
2024-06-11 06:00:44.471:INFO: default_client_subnet None
2024-06-11 06:00:44.471:INFO: nameserver_opts Some(113.65.29.0/24)
2024-06-11 06:00:44.472:INFO: default_client_subnet None
2024-06-11 06:00:44.472:INFO: nameserver_opts Some(113.65.29.0/24)
2024-06-11 06:00:44.472:INFO: server options:  ResolverOpts { ndots: 1, timeout: 5s, attempts: 2, rotate: false, check_names: true, edns0: false, validate: false, ip_strategy: Ipv4thenIpv6, cache_size: 32, use_hosts_file: true, positive_min_ttl: None, negative_min_ttl: None, positive_max_ttl: None, negative_max_ttl: None, num_concurrent_reqs: 2, preserve_intermediates: true, try_tcp_on_error: false, server_ordering_strategy: QueryStatistics, recursion_desired: true, authentic_data: false, shuffle_dns_servers: false }
2024-06-11 06:00:44.472:INFO: self client_subnet:  None
2024-06-11 06:00:44.472:DEBUG:smartdns::dns_mw_ns:96: query name: www.amd.com. type: A via [Group: domestic]
2024-06-11 06:00:44.472:DEBUG:smartdns::dns_client:709: options.client_subnet None
2024-06-11 06:00:44.472:DEBUG:smartdns::dns_client:710: self.opts.client_subnet Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-11 06:00:44.472:DEBUG:smartdns::dns_client:712: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-11 06:00:44.472:DEBUG:smartdns::dns_client:709: options.client_subnet None
2024-06-11 06:00:44.473:DEBUG:smartdns::dns_client:710: self.opts.client_subnet Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-11 06:00:44.473:DEBUG:smartdns::dns_client:712: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-11 06:00:44.549:DEBUG:smartdns::dns_mw_cache:330: Domain prefetch check will be performed in 1s.

2024-06-11 06:01:25.154:DEBUG:smartdns::dns_client:249: initialize name server [Group: oversea]
2024-06-11 06:01:25.154:INFO: default_client_subnet None
2024-06-11 06:01:25.154:INFO: nameserver_opts Some(103.225.87.0/24)
2024-06-11 06:01:25.154:INFO: default_client_subnet None
2024-06-11 06:01:25.154:INFO: nameserver_opts Some(103.225.87.0/24)
2024-06-11 06:01:25.155:INFO: server options:  ResolverOpts { ndots: 1, timeout: 5s, attempts: 2, rotate: false, check_names: true, edns0: false, validate: false, ip_strategy: Ipv4thenIpv6, cache_size: 32, use_hosts_file: true, positive_min_ttl: None, negative_min_ttl: None, positive_max_ttl: None, negative_max_ttl: None, num_concurrent_reqs: 2, preserve_intermediates: true, try_tcp_on_error: false, server_ordering_strategy: QueryStatistics, recursion_desired: true, authentic_data: false, shuffle_dns_servers: false }
2024-06-11 06:01:25.155:INFO: self client_subnet:  None
2024-06-11 06:01:25.155:DEBUG:smartdns::dns_mw_ns:96: query name: www.amd.com. type: A via [Group: oversea]
2024-06-11 06:01:25.155:DEBUG:smartdns::dns_client:709: options.client_subnet None
2024-06-11 06:01:25.155:DEBUG:smartdns::dns_client:710: self.opts.client_subnet Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-11 06:01:25.155:DEBUG:smartdns::dns_client:712: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-11 06:01:25.156:DEBUG:smartdns::dns_client:709: options.client_subnet None
2024-06-11 06:01:25.156:DEBUG:smartdns::dns_client:710: self.opts.client_subnet Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })
2024-06-11 06:01:25.156:DEBUG:smartdns::dns_client:712: query name: www.amd.com. type: A, Some(ClientSubnet { address: 113.65.29.0, source_prefix: 24, scope_prefix: 0 })

[mokeyish]

澄清一下优先级

# 全局配置
edns-client-subnet 103.225.87.0/24

# 单独上游配置
server-https https://dns.alidns.com/dns-query -subnet 103.225.87.0/24

# 指定域名配置
- domain-rules /github.com/ --client-subnet 9.9.9.0/24  # 这个我后来改成跟 server 一致了，直接用 subnet,即下面的配置方式
+ domain-rules /github.com/ -subnet 9.9.9.0/24

优先使用 dig 的直接指定 +subnet=9.9.9.0/24，如果未指定会依次尝试取域名，上游服务器，全局的配置。

最终发给上游的 subnet 会在这里打印日志的。

smartdns-rs/src/dns_client.rs

Lines 697 to 702 in 9e03c48

	log::debug!(
	"query name: {} type: {}, {:?}",
	query.name(),
	query.query_type(),
	client_subnet
	);

你可以验证下，日志是不是打印了，你期望的 subnet ?

如果不是附上你的最小重现配置。以及重现步骤，我找时间再看看。

[giveup]

经过日志穷举法...基本定位bug原因。

smartdns-rs/src/dns_client.rs

Lines 458 to 465 in 9e03c48

	let key = format!(
	"{}: {}{:?}#{}@{}",
	url.proto(),
	**url,
	proxy.as_ref().map(|s| s.to_string()),
	so_mark.unwrap_or_default(),
	device.as_deref().unwrap_or_default(),
	);

这里拼接了配置的dns作为缓存的key，如果配置的dns都是同样的URL会导致key重复。
例如这两个组的dns只有subnet不一样

server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic -subnet 113.65.29.0/24
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group domestic -subnet 113.65.29.0/24
server-https https://223.5.5.5/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24
server-https https://223.6.6.6/dns-query  -no-check-certificate -http-host dns.alidns.com -group oversea -subnet 103.225.87.0/24

但是创建dns服务器组时，会先从缓存读取，由于key重复，导致返回的dns服务器组是错误的。

smartdns-rs/src/dns_client.rs

Lines 467 to 469 in 9e03c48

	if let Some(ns) = self.cache.read().await.get(&key) {
	return ns.clone();
	}

解决方法：拼接key时，带上subnet或其他能保证唯一的参数

        //原key的格式 "https: https://223.6.6.6/dns-query?ssl_verify=falseNone#0@"
        let key = format!(
            "{}: {}{:?}#{}@{}#{:?}",
            url.proto(),
            **url,
            proxy.as_ref().map(|s| s.to_string()),
            so_mark.unwrap_or_default(),
            device.as_deref().unwrap_or_default(),
            resolver_opts.client_subnet.as_ref().map(|cs| client_subnet_to_string(cs)).unwrap_or_else(|| "None".to_string())
        );
        
        log::debug!("dns_client# cache key {:?}",key);

fn client_subnet_to_string(cs: &ClientSubnet) -> String {
    //根据 ClientSubnet 的实际字段和逻辑编写转换代码
    format!("{:?}", cs)  // 这是一个示例，使用调试输出
}

经过测试，每个dns服务器组返回的IP符合subnet结果。
PR我就不提了，因为上面的代码我也是抄chatgpt的...

[mokeyish]

嗯，原来是缓存导致的。确定原因就好解决了，我找时间解决一下。

[giveup]

另外，原C版支持smartdns --cache-print /etc/smartdns/smartdns.cache | wc -l查看缓存的域名数量，方便调整大小（因嵌入式平台内存资源较为紧张，通常需要调整缓存数量大小避免OOM）可否考虑添加如上命令行？谢谢。 @mokeyish

[mokeyish]

这个版本有接口可以看得

smartdns-rs/src/api/cache.rs

Line 15 in 9e03c48

.route("/caches", get(caches))

[mokeyish]

@giveup 麻烦验证下 #310 是否修复

[giveup]

交叉编译不通过 @mokeyish

error[E0432]: unresolved import `std::hash::DefaultHasher`
 --> src/dns_client.rs:3:12
  |
3 |     hash::{DefaultHasher, Hash, Hasher},
  |            ^^^^^^^^^^^^^ no `DefaultHasher` in `hash`
  |
  = help: consider importing one of these items instead:
          lru::DefaultHasher
          nom::lib::std::collections::hash_map::DefaultHasher
          std::collections::hash_map::DefaultHasher

warning: unused import: `Hasher`
 --> src/dns_client.rs:3:33
  |
3 |     hash::{DefaultHasher, Hash, Hasher},
  |                                 ^^^^^^
  |
  = note: `#[warn(unused_imports)]` on by default

For more information about this error, try `rustc --explain E0432`.
warning: `smartdns` (bin "smartdns") generated 1 warning
error: could not compile `smartdns` (bin "smartdns") due to previous error; 1 warning emitted

[mokeyish]

直接到 actions 下载 nightly 版本。你这原因可能 rustc 版本低。

[giveup]

没修复

2024-06-17 14:18:56.902:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:39511
2024-06-17 14:18:56.903:DEBUG:smartdns::app:392: request:53366 src:UDP://127.0.0.1#39511 type:QUERY dnssec:false QUERY:www.amd.com.:A:IN qflags:RD,AD
2024-06-17 14:18:56.903:DEBUG:smartdns::dns_client:250: initialize name server [Group: oversea]
2024-06-17 14:18:56.903:DEBUG:smartdns::dns_mw_ns:97: query name: www.amd.com. type: A via [Group: oversea]
2024-06-17 14:18:56.903:DEBUG:smartdns::dns_client:693: query name: www.amd.com. type: A subnet: 103.225.87.0/0
2024-06-17 14:18:56.903:DEBUG:smartdns::dns_client:693: query name: www.amd.com. type: A subnet: 103.225.87.0/0
2024-06-17 14:18:56.982:DEBUG:smartdns::dns_mw_cache:321: Domain prefetch check will be performed in 1s.
2024-06-17 14:18:59.104:DEBUG:smartdns::server::udp:43: received udp request from: 127.0.0.1:37944
2024-06-17 14:18:59.105:DEBUG:smartdns::app:392: request:33376 src:UDP://127.0.0.1#37944 type:QUERY dnssec:false QUERY:www.amd.com.:A:IN qflags:RD,AD
2024-06-17 14:18:59.105:DEBUG:smartdns::dns_client:250: initialize name server [Group: domestic]
2024-06-17 14:18:59.105:DEBUG:smartdns::dns_mw_ns:97: query name: www.amd.com. type: A via [Group: domestic]
2024-06-17 14:18:59.105:DEBUG:smartdns::dns_client:693: query name: www.amd.com. type: A subnet: 113.65.29.0/0
2024-06-17 14:18:59.106:DEBUG:smartdns::dns_client:693: query name: www.amd.com. type: A subnet: 113.65.29.0/0
2024-06-17 14:18:59.184:DEBUG:smartdns::dns_mw_cache:321: Domain prefetch check will be performed in 1s.

[mokeyish]

这日志，没看懂。ns 缓存的 key 是把所以配置都算进哈希了。