Static Server
Test suite that connects DUT1 over DUT0 using DoH. Meanwhile, DUT0 establishes a connection with the upstream server and forwards DNS queries to it.
Server With Upstream DoH
Description
Configures DUT0 to connect, using DNS-over-HTTPS (DoH) over an upstream server.
Scenario
Step 1: Set the following configuration in DUT0:
set system certificate trust running://remote.dns-server.crt set service dns proxy server-name RD set service dns proxy static RD protocol dns-over-https host name remote.dns set service dns proxy static RD protocol dns-over-https ip 10.215.168.1 set service dns proxy static RD protocol dns-over-https hash f8bc50bc5ac15ce0f76e30e6a004a073889a788f693866f15b90a61d26d26c4f set service dns proxy server cert file 'running://dns.dut0.crt' set service dns proxy server cert key 'running://dns.dut0.key' set service dns resolver local set service dns static host-name teldat.com inet 10.11.12.13
Step 2: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
^(?m)^.*\[RD\] OK \(DoH\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:22:45 UTC, end at Thu 2024-10-10 07:22:50 UTC. -- Oct 10 07:22:45.311577 osdx systemd-journald[1707]: Runtime journal (/run/log/journal/0478719b9ca24dfc881db6c3460ca916) is 2.0M, max 16.0M, 14.0M free. Oct 10 07:22:45.329423 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:22:45.754942 osdx osdx-coredump[4204]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:22:45.761328 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:22:46.330257 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:22:46.396559 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.64/24'. Oct 10 07:22:46.483151 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:22:46.551538 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:22:46.613060 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:22:46.649728 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:22:46.675579 osdx OSDxCLI[22192]: User 'admin' left the configuration menu. Oct 10 07:22:46.810863 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Oct 10 07:22:47.657489 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:22:47.712273 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set system certificate trust running://remote.dns-server.crt'. Oct 10 07:22:47.804405 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server-name RD'. Oct 10 07:22:47.919473 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD protocol dns-over-https host name remote.dns'. Oct 10 07:22:47.988438 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD protocol dns-over-https ip 10.215.168.1'. Oct 10 07:22:48.109613 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD protocol dns-over-https hash f8bc50bc5ac15ce0f76e30e6a004a073889a788f693866f15b90a61d26d26c4f'. Oct 10 07:22:48.167988 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert file 'running://dns.dut0.crt''. Oct 10 07:22:48.268084 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert key 'running://dns.dut0.key''. Oct 10 07:22:48.320864 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns resolver local'. Oct 10 07:22:48.487436 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns static host-name teldat.com inet 10.11.12.13'. Oct 10 07:22:48.612926 osdx ca-certificates[4319]: Updating certificates in /etc/ssl/certs... Oct 10 07:22:49.083034 osdx ca-certificates[5303]: 1 added, 0 removed; done. Oct 10 07:22:49.086050 osdx ca-certificates[5310]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:22:49.088831 osdx ca-certificates[5312]: done. Oct 10 07:22:49.196251 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:22:49.198466 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:22:49.201109 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:22:49.210613 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:22:49.210828 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Network connectivity detected Oct 10 07:22:49.211070 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Dropping privileges Oct 10 07:22:49.212955 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Network connectivity detected Oct 10 07:22:49.213028 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:22:49.213028 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:22:49.213028 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Now listening to https://[::]:3000/dns-query [DoH] Oct 10 07:22:49.213028 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Firefox workaround initialized Oct 10 07:22:49.213028 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:49] [NOTICE] Loading the set of cloaking rules from [/tmp/tmp_F0ygC] Oct 10 07:22:49.223153 osdx OSDxCLI[22192]: User 'admin' left the configuration menu. Oct 10 07:22:49.392328 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:49.588665 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:49.799644 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:50.000796 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:50.206442 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:50.245768 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:50] [CRITICAL] [RD] may be a lying resolver Oct 10 07:22:50.245768 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:50] [NOTICE] [RD] OK (DoH) - rtt: 1006ms Oct 10 07:22:50.245768 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:50] [NOTICE] Server with the lowest initial latency: RD (rtt: 1006ms) Oct 10 07:22:50.245768 osdx dnscrypt-proxy[5365]: [2024-10-10 07:22:50] [NOTICE] dnscrypt-proxy is ready - live servers: 1
Step 3: Set the following configuration in DUT1:
set service dns static host-name dns.dut0 inet 10.215.168.64 set system certificate trust running://CA.crt set service dns proxy server-name DUT0 set service dns proxy static DUT0 protocol dns-over-https host name dns.dut0 set service dns proxy static DUT0 protocol dns-over-https host port 3000 set service dns proxy static DUT0 protocol dns-over-https ip 10.215.168.64 set service dns proxy static DUT0 protocol dns-over-https hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376
Step 4: Run command system journal show | cat at DUT1 and check if output matches the following regular expressions:
^(?m)^.*\[DUT0\] OK \(DoH\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:22:46 UTC, end at Thu 2024-10-10 07:22:56 UTC. -- Oct 10 07:22:46.297606 osdx systemd-journald[1558]: Runtime journal (/run/log/journal/03399a58c21647ee8e0fe05f3adcf81f) is 1.2M, max 9.7M, 8.5M free. Oct 10 07:22:46.309923 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:22:46.897992 osdx osdx-coredump[14131]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:22:46.904062 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:22:47.819987 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:22:47.885043 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.65/24'. Oct 10 07:22:47.969688 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:22:48.022659 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service ssh'. Oct 10 07:22:48.146082 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:22:48.257575 osdx systemd[1]: Starting OpenBSD Secure Shell server... Oct 10 07:22:48.266814 osdx sshd[14205]: Server listening on 0.0.0.0 port 22. Oct 10 07:22:48.267007 osdx sshd[14205]: Server listening on :: port 22. Oct 10 07:22:48.267110 osdx systemd[1]: Started OpenBSD Secure Shell server. Oct 10 07:22:48.279311 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:22:48.313302 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:22:48.329588 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:22:48.468256 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'ping 10.215.168.64 count 1 size 56 timeout 1'. Oct 10 07:22:51.430738 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:22:51.488501 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns static host-name dns.dut0 inet 10.215.168.64'. Oct 10 07:22:51.575287 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set system certificate trust running://CA.crt'. Oct 10 07:22:51.630693 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy server-name DUT0'. Oct 10 07:22:51.742301 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https host name dns.dut0'. Oct 10 07:22:51.798073 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https host port 3000'. Oct 10 07:22:51.899951 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https ip 10.215.168.64'. Oct 10 07:22:51.959278 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376'. Oct 10 07:22:52.075257 osdx ca-certificates[14268]: Updating certificates in /etc/ssl/certs... Oct 10 07:22:52.483175 osdx ca-certificates[15256]: 1 added, 0 removed; done. Oct 10 07:22:52.487076 osdx ca-certificates[15259]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:22:52.490457 osdx ca-certificates[15263]: done. Oct 10 07:22:52.539184 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:22:52.541249 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:22:52.547637 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:22:52.558527 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:22:52.558766 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] Network connectivity detected Oct 10 07:22:52.559050 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] Dropping privileges Oct 10 07:22:52.560831 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] Network connectivity detected Oct 10 07:22:52.560925 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:22:52.560964 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:22:52.561019 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] Firefox workaround initialized Oct 10 07:22:52.561053 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:52] [NOTICE] Loading the set of cloaking rules from [/tmp/tmpM8Nx64] Oct 10 07:22:52.567238 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:22:52.714802 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:52.919149 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:53.135418 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:53.366346 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:53.586788 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:53.783783 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:53.999293 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:54.190943 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:54.383395 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:54.610678 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:54.836896 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:55.034366 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:55.234278 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:55.437747 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:55.649192 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:55.858492 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:56.066541 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:56.268188 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:56.469293 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:56.675275 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:22:56.777537 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:56] [NOTICE] [DUT0] OK (DoH) - rtt: 119ms Oct 10 07:22:56.777537 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:56] [NOTICE] Server with the lowest initial latency: DUT0 (rtt: 119ms) Oct 10 07:22:56.777537 osdx dnscrypt-proxy[15271]: [2024-10-10 07:22:56] [NOTICE] dnscrypt-proxy is ready - live servers: 1
Step 5: Run command show host lookup teldat.com type A at DUT1 and check if output contains the following tokens:
teldat.com has address 10.11.12.13Show output
teldat.com has address 10.11.12.13
Server With Upstream DoH With Stamp
Description
Configures DUT0 to connect, using DNS-over-HTTPS (DoH) over an upstream server (generating a DNS stamp and using it to configure the connection).
Scenario
Step 1: Run command service dns proxy stamp calculate dns-over-https host-name remote.dns host-path /dns-query host-port 443 ip 10.215.168.1 hash f8bc50bc5ac15ce0f76e30e6a004a073889a788f693866f15b90a61d26d26c4f at DUT0 and expect this output:
Show output
sdns://AgAAAAAAAAAADDEwLjIxNS4xNjguMSD4vFC8WsFc4PduMOagBKBziJp4j2k4ZvFbkKYdJtJsTwpyZW1vdGUuZG5zCi9kbnMtcXVlcnk
Step 2: Set the following configuration in DUT0:
set system certificate trust running://remote.dns-server.crt set service dns proxy server-name RD set service dns proxy static RD stamp 'sdns://AgAAAAAAAAAADDEwLjIxNS4xNjguMSD4vFC8WsFc4PduMOagBKBziJp4j2k4ZvFbkKYdJtJsTwpyZW1vdGUuZG5zCi9kbnMtcXVlcnk' set service dns proxy server cert file 'running://dns.dut0.crt' set service dns proxy server cert key 'running://dns.dut0.key' set service dns static host-name teldat.com inet 10.11.12.13 set service dns resolver local set service dns static host-name teldat.com inet 10.11.12.13
Step 3: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
^(?m)^.*\[RD\] OK \(DoH\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:23:04 UTC, end at Thu 2024-10-10 07:23:10 UTC. -- Oct 10 07:23:04.276972 osdx systemd-journald[1707]: Runtime journal (/run/log/journal/0478719b9ca24dfc881db6c3460ca916) is 2.0M, max 16.0M, 14.0M free. Oct 10 07:23:04.309122 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:23:04.678740 osdx osdx-coredump[7045]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:23:04.684680 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:23:05.224553 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:23:05.287689 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.64/24'. Oct 10 07:23:05.376813 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:23:05.450210 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:23:05.507372 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:23:05.535174 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:23:05.550999 osdx OSDxCLI[22192]: User 'admin' left the configuration menu. Oct 10 07:23:05.687867 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Oct 10 07:23:07.555355 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'service dns proxy stamp calculate dns-over-https host-name remote.dns host-path /dns-query host-port 443 ip 10.215.168.1 hash f8bc50bc5ac15ce0f76e30e6a004a073889a788f693866f15b90a61d26d26c4f'. Oct 10 07:23:07.699596 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:23:07.756076 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set system certificate trust running://remote.dns-server.crt'. Oct 10 07:23:07.847819 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server-name RD'. Oct 10 07:23:07.906649 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD stamp 'sdns://AgAAAAAAAAAADDEwLjIxNS4xNjguMSD4vFC8WsFc4PduMOagBKBziJp4j2k4ZvFbkKYdJtJsTwpyZW1vdGUuZG5zCi9kbnMtcXVlcnk''. Oct 10 07:23:07.995130 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert file 'running://dns.dut0.crt''. Oct 10 07:23:08.055267 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert key 'running://dns.dut0.key''. Oct 10 07:23:08.152872 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns static host-name teldat.com inet 10.11.12.13'. Oct 10 07:23:08.205699 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns resolver local'. Oct 10 07:23:08.291725 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns static host-name teldat.com inet 10.11.12.13'. Oct 10 07:23:08.379997 osdx ca-certificates[7164]: Updating certificates in /etc/ssl/certs... Oct 10 07:23:08.810393 osdx ca-certificates[8147]: 1 added, 0 removed; done. Oct 10 07:23:08.814191 osdx ca-certificates[8154]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:23:08.817945 osdx ca-certificates[8156]: done. Oct 10 07:23:08.915461 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:23:08.917069 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:23:08.919588 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:23:08.935594 osdx OSDxCLI[22192]: User 'admin' left the configuration menu. Oct 10 07:23:08.935992 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:23:08.936124 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Network connectivity detected Oct 10 07:23:08.936406 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Dropping privileges Oct 10 07:23:08.939007 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Network connectivity detected Oct 10 07:23:08.939048 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:23:08.939048 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:23:08.939091 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Now listening to https://[::]:3000/dns-query [DoH] Oct 10 07:23:08.939091 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Firefox workaround initialized Oct 10 07:23:08.939091 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:08] [NOTICE] Loading the set of cloaking rules from [/tmp/tmp005URo] Oct 10 07:23:09.077746 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:09.264673 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:09.456653 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:09.648114 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:09.875879 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:10.071139 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:10.113193 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:10] [NOTICE] [RD] OK (DoH) - rtt: 140ms Oct 10 07:23:10.113193 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:10] [NOTICE] Server with the lowest initial latency: RD (rtt: 140ms) Oct 10 07:23:10.113193 osdx dnscrypt-proxy[8209]: [2024-10-10 07:23:10] [NOTICE] dnscrypt-proxy is ready - live servers: 1
Step 4: Run command service dns proxy stamp calculate dns-over-https host-name dns.dut0 host-path /dns-query host-port 3000 ip 10.215.168.64 hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376 at DUT1 and expect this output:
Show output
sdns://AgAAAAAAAAAADTEwLjIxNS4xNjguNjQg3oPP2C1f1x5fMeaLEB2rhYCl1aCp5FK7GNlohG2kA3YNZG5zLmR1dDA6MzAwMAovZG5zLXF1ZXJ5
Step 5: Set the following configuration in DUT1:
set service dns static host-name dns.dut0 inet 10.215.168.64 set system certificate trust running://CA.crt set service dns proxy server-name DUT0 set service dns proxy static DUT0 stamp 'sdns://AgAAAAAAAAAADTEwLjIxNS4xNjguNjQg3oPP2C1f1x5fMeaLEB2rhYCl1aCp5FK7GNlohG2kA3YNZG5zLmR1dDA6MzAwMAovZG5zLXF1ZXJ5'
Step 6: Run command system journal show | cat at DUT1 and check if output matches the following regular expressions:
^(?m)^.*\[DUT0\] OK \(DoH\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:23:04 UTC, end at Thu 2024-10-10 07:23:20 UTC. -- Oct 10 07:23:04.280119 osdx systemd-journald[1558]: Runtime journal (/run/log/journal/03399a58c21647ee8e0fe05f3adcf81f) is 1.2M, max 9.7M, 8.5M free. Oct 10 07:23:04.288520 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:23:04.792127 osdx osdx-coredump[17000]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:23:04.798180 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:23:06.715285 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:23:06.780099 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.65/24'. Oct 10 07:23:06.864867 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:23:06.917672 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service ssh'. Oct 10 07:23:07.046066 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:23:07.155522 osdx systemd[1]: Starting OpenBSD Secure Shell server... Oct 10 07:23:07.164712 osdx sshd[17073]: Server listening on 0.0.0.0 port 22. Oct 10 07:23:07.164942 osdx sshd[17073]: Server listening on :: port 22. Oct 10 07:23:07.165049 osdx systemd[1]: Started OpenBSD Secure Shell server. Oct 10 07:23:07.179773 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:23:07.218245 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:23:07.236011 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:23:07.369949 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'ping 10.215.168.64 count 1 size 56 timeout 1'. Oct 10 07:23:10.328354 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'service dns proxy stamp calculate dns-over-https host-name dns.dut0 host-path /dns-query host-port 3000 ip 10.215.168.64 hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376'. Oct 10 07:23:10.473244 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:23:10.551494 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns static host-name dns.dut0 inet 10.215.168.64'. Oct 10 07:23:10.657060 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set system certificate trust running://CA.crt'. Oct 10 07:23:10.734092 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy server-name DUT0'. Oct 10 07:23:10.840229 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 stamp 'sdns://AgAAAAAAAAAADTEwLjIxNS4xNjguNjQg3oPP2C1f1x5fMeaLEB2rhYCl1aCp5FK7GNlohG2kA3YNZG5zLmR1dDA6MzAwMAovZG5zLXF1ZXJ5''. Oct 10 07:23:10.924513 osdx ca-certificates[17137]: Updating certificates in /etc/ssl/certs... Oct 10 07:23:11.361356 osdx ca-certificates[18121]: 1 added, 0 removed; done. Oct 10 07:23:11.365611 osdx ca-certificates[18124]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:23:11.369574 osdx ca-certificates[18128]: done. Oct 10 07:23:11.421163 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:23:11.423514 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:23:11.430991 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:23:11.442580 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:23:11.442837 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] Network connectivity detected Oct 10 07:23:11.443122 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] Dropping privileges Oct 10 07:23:11.446868 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:23:11.447427 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] Network connectivity detected Oct 10 07:23:11.447514 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:23:11.447557 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:23:11.447613 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] Firefox workaround initialized Oct 10 07:23:11.447649 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:11] [NOTICE] Loading the set of cloaking rules from [/tmp/tmpmQYva7] Oct 10 07:23:11.581390 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:11.772493 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:11.979641 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:12.170983 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:12.363271 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:12.551799 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:12.767557 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:12.962805 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:13.158168 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:13.355577 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:13.552839 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:13.749364 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:13.943840 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:14.147969 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:14.350306 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:14.553729 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:14.770319 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:14.987008 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:15.203698 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:15.416549 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:15.448371 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:15] [NOTICE] System DNS configuration not usable yet, exceptionally resolving [dns.dut0] using fallback resolvers over tcp Oct 10 07:23:15.646652 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:15.852413 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:16.061693 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:16.269212 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:16.476709 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:16.684601 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:16.901920 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:17.132264 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:17.369421 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:17.623100 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:17.858248 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:18.102606 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:18.320814 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:18.541006 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:18.794612 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:19.054695 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:19.279186 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:19.539103 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:19] [NOTICE] System DNS configuration not usable yet, exceptionally resolving [dns.dut0] using fallback resolvers over tcp Oct 10 07:23:19.565168 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:19.813150 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:20.056369 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:20.362259 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:20.570053 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:20] [CRITICAL] [DUT0] may be a lying resolver Oct 10 07:23:20.570053 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:20] [NOTICE] [DUT0] OK (DoH) - rtt: 1010ms Oct 10 07:23:20.570053 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:20] [NOTICE] Server with the lowest initial latency: DUT0 (rtt: 1010ms) Oct 10 07:23:20.570053 osdx dnscrypt-proxy[18136]: [2024-10-10 07:23:20] [NOTICE] dnscrypt-proxy is ready - live servers: 1
Step 7: Run command show host lookup teldat.com type A at DUT1 and check if output contains the following tokens:
teldat.com has address 10.11.12.13Show output
teldat.com has address 10.11.12.13
Server With Upstream DNSCrypt
Description
Configures DUT0 to connect, using DNSCrypt over an upstream server.
Scenario
Step 1: Run command service dns proxy dnscrypt public-key running://dnscrypt.crt at DUT0 and expect this output:
Show output
91:5a:f8:ef:03:f3:9f:02:f3:7b:dc:f1:02:81:be:3f:e9:e8:54:2c:e7:ce:b4:4f:c9:30:58:aa:6a:cf:19:e5
Step 2: Set the following configuration in DUT0:
set system certificate trust running://remote.dns-server.crt set service dns proxy server-name RD set service dns proxy static RD protocol dns-crypt ip 10.215.168.1 set service dns proxy static RD protocol dns-crypt port 8443 set service dns proxy static RD protocol dns-crypt provider name 2.dnscrypt-cert.remote.dns set service dns proxy static RD protocol dns-crypt provider public-key 91:5a:f8:ef:03:f3:9f:02:f3:7b:dc:f1:02:81:be:3f:e9:e8:54:2c:e7:ce:b4:4f:c9:30:58:aa:6a:cf:19:e5 set service dns resolver local set service dns proxy server cert file 'running://dns.dut0.crt' set service dns proxy server cert key 'running://dns.dut0.key' set service dns static host-name teldat.com inet 10.11.12.13
Step 3: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
^(?m)^.*\[RD\] OK \(DNSCrypt\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:23:25 UTC, end at Thu 2024-10-10 07:23:29 UTC. -- Oct 10 07:23:25.339019 osdx systemd-journald[1707]: Runtime journal (/run/log/journal/0478719b9ca24dfc881db6c3460ca916) is 2.0M, max 16.0M, 14.0M free. Oct 10 07:23:25.359123 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:23:25.725312 osdx osdx-coredump[9889]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:23:25.731262 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:23:26.284942 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:23:26.357417 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.64/24'. Oct 10 07:23:26.442304 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:23:26.557782 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:23:26.617917 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:23:26.644623 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:23:26.660478 osdx OSDxCLI[22192]: User 'admin' left the configuration menu. Oct 10 07:23:26.796648 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Oct 10 07:23:27.617983 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'service dns proxy dnscrypt public-key running://dnscrypt.crt'. Oct 10 07:23:27.753314 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:23:27.808180 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set system certificate trust running://remote.dns-server.crt'. Oct 10 07:23:27.895733 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server-name RD'. Oct 10 07:23:27.959116 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD protocol dns-crypt ip 10.215.168.1'. Oct 10 07:23:28.055962 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD protocol dns-crypt port 8443'. Oct 10 07:23:28.119350 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD protocol dns-crypt provider name 2.dnscrypt-cert.remote.dns'. Oct 10 07:23:28.216286 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD protocol dns-crypt provider public-key 91:5a:f8:ef:03:f3:9f:02:f3:7b:dc:f1:02:81:be:3f:e9:e8:54:2c:e7:ce:b4:4f:c9:30:58:aa:6a:cf:19:e5'. Oct 10 07:23:28.263407 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns resolver local'. Oct 10 07:23:28.359343 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert file 'running://dns.dut0.crt''. Oct 10 07:23:28.419953 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert key 'running://dns.dut0.key''. Oct 10 07:23:28.513663 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns static host-name teldat.com inet 10.11.12.13'. Oct 10 07:23:28.595796 osdx ca-certificates[10007]: Updating certificates in /etc/ssl/certs... Oct 10 07:23:29.035135 osdx ca-certificates[10995]: 1 added, 0 removed; done. Oct 10 07:23:29.038043 osdx ca-certificates[11001]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:23:29.041110 osdx ca-certificates[11003]: done. Oct 10 07:23:29.131858 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:23:29.133283 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:23:29.136119 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:23:29.146816 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:23:29.147004 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Network connectivity detected Oct 10 07:23:29.147173 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Dropping privileges Oct 10 07:23:29.149352 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Network connectivity detected Oct 10 07:23:29.149352 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:23:29.149352 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:23:29.149352 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Now listening to https://[::]:3000/dns-query [DoH] Oct 10 07:23:29.149352 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Firefox workaround initialized Oct 10 07:23:29.149352 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Loading the set of cloaking rules from [/tmp/tmpeicnFI] Oct 10 07:23:29.149732 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] [RD] OK (DNSCrypt) - rtt: 0ms Oct 10 07:23:29.149732 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] Server with the lowest initial latency: RD (rtt: 0ms) Oct 10 07:23:29.149732 osdx dnscrypt-proxy[11056]: [2024-10-10 07:23:29] [NOTICE] dnscrypt-proxy is ready - live servers: 1 Oct 10 07:23:29.153917 osdx OSDxCLI[22192]: User 'admin' left the configuration menu.
Step 4: Set the following configuration in DUT1:
set service dns static host-name dns.dut0 inet 10.215.168.64 set system certificate trust running://CA.crt set service dns proxy server-name DUT0 set service dns proxy static DUT0 protocol dns-over-https host name dns.dut0 set service dns proxy static DUT0 protocol dns-over-https host port 3000 set service dns proxy static DUT0 protocol dns-over-https ip 10.215.168.64 set service dns proxy static DUT0 protocol dns-over-https hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376
Step 5: Run command system journal show | cat at DUT1 and check if output matches the following regular expressions:
^(?m)^.*\[DUT0\] OK \(DoH\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:23:25 UTC, end at Thu 2024-10-10 07:23:36 UTC. -- Oct 10 07:23:25.311183 osdx systemd-journald[1558]: Runtime journal (/run/log/journal/03399a58c21647ee8e0fe05f3adcf81f) is 1.2M, max 9.7M, 8.5M free. Oct 10 07:23:25.323716 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:23:25.832659 osdx osdx-coredump[19968]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:23:25.838602 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:23:26.834399 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:23:26.901356 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.65/24'. Oct 10 07:23:26.985030 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:23:27.030960 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service ssh'. Oct 10 07:23:27.151443 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:23:27.242350 osdx systemd[1]: Starting OpenBSD Secure Shell server... Oct 10 07:23:27.251483 osdx sshd[20041]: Server listening on 0.0.0.0 port 22. Oct 10 07:23:27.251669 osdx sshd[20041]: Server listening on :: port 22. Oct 10 07:23:27.251761 osdx systemd[1]: Started OpenBSD Secure Shell server. Oct 10 07:23:27.263748 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:23:27.287809 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:23:27.303063 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:23:27.429542 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'ping 10.215.168.64 count 1 size 56 timeout 1'. Oct 10 07:23:29.291332 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:23:29.348551 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns static host-name dns.dut0 inet 10.215.168.64'. Oct 10 07:23:29.441124 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set system certificate trust running://CA.crt'. Oct 10 07:23:29.491533 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy server-name DUT0'. Oct 10 07:23:29.604096 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https host name dns.dut0'. Oct 10 07:23:29.658558 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https host port 3000'. Oct 10 07:23:29.751986 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https ip 10.215.168.64'. Oct 10 07:23:29.810849 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 protocol dns-over-https hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376'. Oct 10 07:23:29.926620 osdx ca-certificates[20104]: Updating certificates in /etc/ssl/certs... Oct 10 07:23:30.348271 osdx ca-certificates[21088]: 1 added, 0 removed; done. Oct 10 07:23:30.351734 osdx ca-certificates[21091]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:23:30.355059 osdx ca-certificates[21095]: done. Oct 10 07:23:30.410434 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:23:30.412830 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:23:30.416721 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:23:30.431035 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:23:30.434796 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:23:30.435033 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] Network connectivity detected Oct 10 07:23:30.435304 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] Dropping privileges Oct 10 07:23:30.436793 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] Network connectivity detected Oct 10 07:23:30.436878 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:23:30.436918 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:23:30.436967 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] Firefox workaround initialized Oct 10 07:23:30.437001 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:30] [NOTICE] Loading the set of cloaking rules from [/tmp/tmphQyYnV] Oct 10 07:23:30.570816 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:30.767247 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:30.957427 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:31.153218 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:31.347326 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:31.559838 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:31.760845 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:31.953953 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:32.158971 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:32.398667 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:32.607948 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:32.806279 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:33.003244 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:33.203720 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:33.401025 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:33.602603 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:33.798496 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:34.006037 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:34.214149 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:34.420375 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:34.645764 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:34.861788 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:35.113599 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:35.332378 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:35.564500 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:35.799359 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:36.047547 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:36.288007 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:36.466969 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:36] [NOTICE] System DNS configuration not usable yet, exceptionally resolving [dns.dut0] using fallback resolvers over tcp Oct 10 07:23:36.521101 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:36.594252 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:36] [NOTICE] [DUT0] OK (DoH) - rtt: 109ms Oct 10 07:23:36.594252 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:36] [NOTICE] Server with the lowest initial latency: DUT0 (rtt: 109ms) Oct 10 07:23:36.594252 osdx dnscrypt-proxy[21103]: [2024-10-10 07:23:36] [NOTICE] dnscrypt-proxy is ready - live servers: 1
Step 6: Run command show host lookup teldat.com type A at DUT1 and check if output contains the following tokens:
teldat.com has address 10.11.12.13Show output
teldat.com has address 10.11.12.13
Server With Upstream DNSCrypt With Stamp
Description
Configures DUT0 to connect, using DNSCrypt over an upstream server (generating a DNS stamp and using it to configure the connection).
Scenario
Step 1: Run command service dns proxy dnscrypt public-key running://dnscrypt.crt at DUT0 and expect this output:
Show output
91:5a:f8:ef:03:f3:9f:02:f3:7b:dc:f1:02:81:be:3f:e9:e8:54:2c:e7:ce:b4:4f:c9:30:58:aa:6a:cf:19:e5
Step 2: Run command service dns proxy stamp calculate dns-crypt provider-name 2.dnscrypt-cert.remote.dns provider-key 91:5a:f8:ef:03:f3:9f:02:f3:7b:dc:f1:02:81:be:3f:e9:e8:54:2c:e7:ce:b4:4f:c9:30:58:aa:6a:cf:19:e5 ip 10.215.168.1 port 8443 at DUT0 and expect this output:
Show output
sdns://AQAAAAAAAAAAETEwLjIxNS4xNjguMTo4NDQzIJFa-O8D858C83vc8QKBvj_p6FQs5860T8kwWKpqzxnlGjIuZG5zY3J5cHQtY2VydC5yZW1vdGUuZG5z
Step 3: Set the following configuration in DUT0:
set system certificate trust running://remote.dns-server.crt set service dns proxy server-name RD set service dns proxy static RD stamp 'sdns://AQAAAAAAAAAAETEwLjIxNS4xNjguMTo4NDQzIJFa-O8D858C83vc8QKBvj_p6FQs5860T8kwWKpqzxnlGjIuZG5zY3J5cHQtY2VydC5yZW1vdGUuZG5z' set service dns resolver local set service dns proxy server cert file 'running://dns.dut0.crt' set service dns proxy server cert key 'running://dns.dut0.key' set service dns static host-name teldat.com inet 10.11.12.13
Step 4: Run command system journal show | cat at DUT0 and check if output matches the following regular expressions:
^(?m)^.*\[RD\] OK \(DNSCrypt\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:23:48 UTC, end at Thu 2024-10-10 07:23:52 UTC. -- Oct 10 07:23:48.304970 osdx systemd-journald[1707]: Runtime journal (/run/log/journal/0478719b9ca24dfc881db6c3460ca916) is 2.0M, max 16.0M, 14.0M free. Oct 10 07:23:48.328975 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:23:48.722494 osdx osdx-coredump[12707]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:23:48.728844 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:23:49.292447 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:23:49.397638 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.64/24'. Oct 10 07:23:49.451125 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:23:49.571193 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:23:49.644237 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:23:49.672504 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:23:49.688971 osdx OSDxCLI[22192]: User 'admin' left the configuration menu. Oct 10 07:23:49.821319 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'ping 10.215.168.1 count 1 size 56 timeout 1'. Oct 10 07:23:50.676186 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'service dns proxy dnscrypt public-key running://dnscrypt.crt'. Oct 10 07:23:50.763930 osdx OSDxCLI[22192]: User 'admin' executed a new command: 'service dns proxy stamp calculate dns-crypt provider-name 2.dnscrypt-cert.remote.dns provider-key 91:5a:f8:ef:03:f3:9f:02:f3:7b:dc:f1:02:81:be:3f:e9:e8:54:2c:e7:ce:b4:4f:c9:30:58:aa:6a:cf:19:e5 ip 10.215.168.1 port 8443'. Oct 10 07:23:50.910962 osdx OSDxCLI[22192]: User 'admin' entered the configuration menu. Oct 10 07:23:50.967318 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set system certificate trust running://remote.dns-server.crt'. Oct 10 07:23:51.063408 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server-name RD'. Oct 10 07:23:51.126455 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy static RD stamp 'sdns://AQAAAAAAAAAAETEwLjIxNS4xNjguMTo4NDQzIJFa-O8D858C83vc8QKBvj_p6FQs5860T8kwWKpqzxnlGjIuZG5zY3J5cHQtY2VydC5yZW1vdGUuZG5z''. Oct 10 07:23:51.225797 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns resolver local'. Oct 10 07:23:51.283428 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert file 'running://dns.dut0.crt''. Oct 10 07:23:51.375629 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns proxy server cert key 'running://dns.dut0.key''. Oct 10 07:23:51.428278 osdx OSDxCLI[22192]: User 'admin' added a new cfg line: 'set service dns static host-name teldat.com inet 10.11.12.13'. Oct 10 07:23:51.549121 osdx ca-certificates[12825]: Updating certificates in /etc/ssl/certs... Oct 10 07:23:52.004133 osdx ca-certificates[13810]: 1 added, 0 removed; done. Oct 10 07:23:52.007995 osdx ca-certificates[13816]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:23:52.011800 osdx ca-certificates[13818]: done. Oct 10 07:23:52.117123 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:23:52.118902 osdx cfgd[1323]: [22192]Completed change to active configuration Oct 10 07:23:52.121384 osdx OSDxCLI[22192]: User 'admin' committed the configuration. Oct 10 07:23:52.132457 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:23:52.132640 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Network connectivity detected Oct 10 07:23:52.132788 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Dropping privileges Oct 10 07:23:52.134501 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Network connectivity detected Oct 10 07:23:52.134527 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:23:52.134550 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:23:52.134550 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Now listening to https://[::]:3000/dns-query [DoH] Oct 10 07:23:52.134589 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Firefox workaround initialized Oct 10 07:23:52.134589 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Loading the set of cloaking rules from [/tmp/tmpCsp6Sk] Oct 10 07:23:52.135146 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] [RD] OK (DNSCrypt) - rtt: 0ms Oct 10 07:23:52.135146 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] Server with the lowest initial latency: RD (rtt: 0ms) Oct 10 07:23:52.135146 osdx dnscrypt-proxy[13871]: [2024-10-10 07:23:52] [NOTICE] dnscrypt-proxy is ready - live servers: 1 Oct 10 07:23:52.147042 osdx OSDxCLI[22192]: User 'admin' left the configuration menu.
Step 5: Run command service dns proxy stamp calculate dns-over-https host-name dns.dut0 host-path /dns-query host-port 3000 ip 10.215.168.64 hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376 at DUT1 and expect this output:
Show output
sdns://AgAAAAAAAAAADTEwLjIxNS4xNjguNjQg3oPP2C1f1x5fMeaLEB2rhYCl1aCp5FK7GNlohG2kA3YNZG5zLmR1dDA6MzAwMAovZG5zLXF1ZXJ5
Step 6: Set the following configuration in DUT1:
set service dns static host-name dns.dut0 inet 10.215.168.64 set system certificate trust running://CA.crt set service dns proxy server-name DUT0 set service dns proxy static DUT0 stamp 'sdns://AgAAAAAAAAAADTEwLjIxNS4xNjguNjQg3oPP2C1f1x5fMeaLEB2rhYCl1aCp5FK7GNlohG2kA3YNZG5zLmR1dDA6MzAwMAovZG5zLXF1ZXJ5'
Step 7: Run command system journal show | cat at DUT1 and check if output matches the following regular expressions:
^(?m)^.*\[DUT0\] OK \(DoH\) - rtt: \d+ms$Show output
-- Logs begin at Thu 2024-10-10 07:23:48 UTC, end at Thu 2024-10-10 07:24:02 UTC. -- Oct 10 07:23:48.297776 osdx systemd-journald[1558]: Runtime journal (/run/log/journal/03399a58c21647ee8e0fe05f3adcf81f) is 1.2M, max 9.7M, 8.5M free. Oct 10 07:23:48.306916 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal clear'. Oct 10 07:23:48.848587 osdx osdx-coredump[22872]: Deleting all coredumps in /opt/vyatta/etc/config/coredump... Oct 10 07:23:48.854868 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system coredump delete all'. Oct 10 07:23:49.835826 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:23:49.904357 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set interfaces ethernet eth0 address 10.215.168.65/24'. Oct 10 07:23:49.986270 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set protocols static route 0.0.0.0/0 next-hop 10.215.168.1'. Oct 10 07:23:50.035531 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service ssh'. Oct 10 07:23:50.160187 osdx kernel: 8021q: adding VLAN 0 to HW filter on device eth0 Oct 10 07:23:50.290828 osdx systemd[1]: Starting OpenBSD Secure Shell server... Oct 10 07:23:50.300817 osdx sshd[22945]: Server listening on 0.0.0.0 port 22. Oct 10 07:23:50.301049 osdx sshd[22945]: Server listening on :: port 22. Oct 10 07:23:50.301163 osdx systemd[1]: Started OpenBSD Secure Shell server. Oct 10 07:23:50.316541 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:23:50.348161 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:23:50.364700 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:23:50.508967 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'ping 10.215.168.64 count 1 size 56 timeout 1'. Oct 10 07:23:52.296633 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'service dns proxy stamp calculate dns-over-https host-name dns.dut0 host-path /dns-query host-port 3000 ip 10.215.168.64 hash de83cfd82d5fd71e5f31e68b101dab8580a5d5a0a9e452bb18d968846da40376'. Oct 10 07:23:52.436187 osdx OSDxCLI[1741]: User 'admin' entered the configuration menu. Oct 10 07:23:52.498041 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns static host-name dns.dut0 inet 10.215.168.64'. Oct 10 07:23:52.587726 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set system certificate trust running://CA.crt'. Oct 10 07:23:52.643088 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy server-name DUT0'. Oct 10 07:23:52.747248 osdx OSDxCLI[1741]: User 'admin' added a new cfg line: 'set service dns proxy static DUT0 stamp 'sdns://AgAAAAAAAAAADTEwLjIxNS4xNjguNjQg3oPP2C1f1x5fMeaLEB2rhYCl1aCp5FK7GNlohG2kA3YNZG5zLmR1dDA6MzAwMAovZG5zLXF1ZXJ5''. Oct 10 07:23:52.826977 osdx ca-certificates[23009]: Updating certificates in /etc/ssl/certs... Oct 10 07:23:53.227255 osdx ca-certificates[23993]: 1 added, 0 removed; done. Oct 10 07:23:53.231042 osdx ca-certificates[23996]: Running hooks in /etc/ca-certificates/update.d... Oct 10 07:23:53.234518 osdx ca-certificates[24000]: done. Oct 10 07:23:53.282288 osdx systemd[1]: Started DNSCrypt client proxy. Oct 10 07:23:53.284459 osdx cfgd[1202]: [1741]Completed change to active configuration Oct 10 07:23:53.289274 osdx OSDxCLI[1741]: User 'admin' committed the configuration. Oct 10 07:23:53.302001 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] dnscrypt-proxy 2.0.45 Oct 10 07:23:53.303728 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] Network connectivity detected Oct 10 07:23:53.304192 osdx OSDxCLI[1741]: User 'admin' left the configuration menu. Oct 10 07:23:53.304657 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] Dropping privileges Oct 10 07:23:53.306254 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] Network connectivity detected Oct 10 07:23:53.306340 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] Now listening to 127.0.0.1:53 [UDP] Oct 10 07:23:53.306376 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] Now listening to 127.0.0.1:53 [TCP] Oct 10 07:23:53.306426 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] Firefox workaround initialized Oct 10 07:23:53.306457 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:53] [NOTICE] Loading the set of cloaking rules from [/tmp/tmp0089y2] Oct 10 07:23:53.449236 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:53.638708 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:53.853488 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:54.045141 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:54.248577 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:54.439731 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:54.646899 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:54.845934 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:55.040679 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:55.236293 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:55.438418 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:55.643996 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:55.846102 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:56.041788 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:56.248133 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:56.451582 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:56.667492 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:56.909153 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:57.127833 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:57.307639 osdx dnscrypt-proxy[24008]: [2024-10-10 07:23:57] [NOTICE] System DNS configuration not usable yet, exceptionally resolving [dns.dut0] using fallback resolvers over tcp Oct 10 07:23:57.357914 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:57.592123 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:57.817138 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:58.044106 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:58.259703 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:58.472193 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:58.681517 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:58.900518 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:59.158032 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:59.394796 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:59.636848 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:23:59.854655 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:00.077053 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:00.300835 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:00.519105 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:00.764279 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:01.015356 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:01.250635 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:01.308460 osdx dnscrypt-proxy[24008]: [2024-10-10 07:24:01] [NOTICE] Fallback resolvers didn't respond - Trying with the system resolver as a last resort Oct 10 07:24:01.479999 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:01.712217 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:01.994856 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:02.255620 osdx OSDxCLI[1741]: User 'admin' executed a new command: 'system journal show | cat'. Oct 10 07:24:02.347256 osdx dnscrypt-proxy[24008]: [2024-10-10 07:24:02] [CRITICAL] [DUT0] may be a lying resolver Oct 10 07:24:02.347256 osdx dnscrypt-proxy[24008]: [2024-10-10 07:24:02] [NOTICE] [DUT0] OK (DoH) - rtt: 1011ms Oct 10 07:24:02.347256 osdx dnscrypt-proxy[24008]: [2024-10-10 07:24:02] [NOTICE] Server with the lowest initial latency: DUT0 (rtt: 1011ms) Oct 10 07:24:02.347256 osdx dnscrypt-proxy[24008]: [2024-10-10 07:24:02] [NOTICE] dnscrypt-proxy is ready - live servers: 1
Step 8: Run command show host lookup teldat.com type A at DUT1 and check if output contains the following tokens:
teldat.com has address 10.11.12.13Show output
teldat.com has address 10.11.12.13