Great software

I really like this software, and would like to see the use of two DNS servers at the same time in new versions. Is it possible? The MTU for my local DNS is only 512, and the speed is very low (0.02mbit/sec), and the provider gives two DNS addresses.

That’s an interesting idea. It’s conceptually possible, because the Turbo Tunnel reliability layer should permit multiplexing over multiple network paths. One way to do it might be to have NewDNSPacketConn accept a list of transport+addr pairs, and start up a recvLoop and sendLoop for each.

The user interface would need some thought. The Go flag package doesn’t make it easy to, for example, accept multiple -udp options with different values.

I think it would require a non-trivial amount of effort to implement, and I’m not likely to do it myself. Let me suggest a test that may tell us whether there’s a performance improvement that makes it worth the effort. Install dnsmasq or another local DNS forwarding proxy that supports multiple upstream resolvers. Run dnsmasq with --no-resolve and a --server option for each of the upstream resolvers. Then run dnstt-client with -udp pointing to the local dnsmasq port. The diagram would look like this:

       localhost       |     Internet      |    server
                       |                   |
                       |  .--upstream1--.  |
dnstt-client---dnsmasq---<               >---dnstt-server
                       |  '--upstream2--'  |

This way, distributing queries over multiple resolvers is done by dnsmasq, rather than being a feature built into dnstt-client. If you try this, please let us know if it affects performance in your case.
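One way to accept several -udp options with the standard flag package is a custom flag.Value that appends on every occurrence. This is an added example, not part of the original post or of the dnstt source; the names addrList and parseResolvers are hypothetical, and the resolver addresses are constructed samples.

```go
package main

import (
	"flag"
	"fmt"
	"net"
	"strings"
)

// addrList is a hypothetical flag.Value that collects every occurrence of a
// repeated option instead of keeping only the last one.
type addrList []string

func (l *addrList) String() string { return strings.Join(*l, ",") }

// Set is called by the flag package once per occurrence of the option.
// Rejecting malformed values here makes a bad resolver address fail at startup.
func (l *addrList) Set(v string) error {
	host, port, err := net.SplitHostPort(v)
	if err != nil {
		return err
	}
	if host == "" || port == "" {
		return fmt.Errorf("need host:port, got %q", v)
	}
	*l = append(*l, v)
	return nil
}

// parseResolvers parses args (without the program name) and returns the
// address given by each -udp option, in command-line order.
func parseResolvers(args []string) ([]string, error) {
	var udp addrList
	fs := flag.NewFlagSet("client", flag.ContinueOnError)
	fs.Var(&udp, "udp", "address of a UDP DNS resolver (may be repeated)")
	if err := fs.Parse(args); err != nil {
		return nil, err
	}
	return udp, nil
}

func main() {
	// Constructed sample addresses from the documentation range 192.0.2.0/24.
	fmt.Println(parseResolvers([]string{"-udp", "192.0.2.1:53", "-udp", "192.0.2.2:53"}))
}
```

The returned slice could then be handed to whatever code starts one send and receive loop per resolver.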

dnsmasq -p 8000 --no-resolv --server=10.153.3.196 --server=10.153.3.220

Sadly no change :(

Thanks for running the test :) So either this multiplexing doesn’t help performance, or dnsmasq itself doesn’t distribute queries across its upstreams in a way that helps.

If you want, you might try alternative local DNS forwarders, like doh-proxy (I’m not sure if doh-proxy can accept non-DoH connections) or dnscache.

Could you analyze the operation of this DNS tunnel? It runs very fast.

No, I don’t have time to reverse engineer other VPNs.

Are you sure it’s really a DNS tunnel? It may only resemble DNS; i.e., send UDP packets encoded as DNS messages to UDP port 53. It may not actually work through a recursive resolver. If that’s the case, it can probably be blocked by blocking the IP addresses of the servers.

If you just need a fast tunnel that uses UDP/53, you can try kcptun. But you will have to install your own server.

Thx! I’ll try