Equal IPs among servers and relays #1875
Replies: 1 comment
-
|
When using wildcards, But manual selection remains highly recommended. First, because there's no explicit correlation between an IP address and its owner. Also, some people don't care about having the relay and the server in the same country. Some people do. Some people want these not only to be in different countries, but also in groups of countries that don't share intelligence. Some people don't care about latency, some people do. Long story short, this is impossible to automate. Which is why using wildcards is not recommended. |
Beta Was this translation helpful? Give feedback.
-
Some servers host both DNSCrypt servers and relays (or ODOH servers and relays).
The problem is when using a relay hosted in a server which has a DNSCrypt server hosted with it, DNSCrypt wil randomly pick up servers and there is a chance of pick up a server with same IP of relay.
Example:
There is a servers called "meganerd" and a relay called "anon-meganerd", the two have the same IP, when using "anon-meganerd" as relay, there is a chance that DNSCrypt can pick up the server "meganerd" when doing a DNS probe, and so, the server can easily correlate the traffic between the two connections. This means: NO ANONYMITY.
DNSCrypt should have a mechanism of avoiding using two equal IPs when doing connections.
Here I use dutch relays (as Netherlands don't logs IPs):
{ server_name='*', via=['anon-acsacsar-ams-ipv4', 'anon-ams-nl', 'anon-meganerd', 'anon-scaleway-ams'] }But I had to blacklist the same servers of DNSCrypt public servers list:
disabled_server_names = ['acsacsar-ams-ipv4', 'ams-dnscrypt-nl', 'meganerd', 'scaleway-ams']Doing this automatically would be a nice feature.
Beta Was this translation helpful? Give feedback.
All reactions