4.1 KiB
Plugin: dnslink-fetch
- status: beta
- type: transport plugin
This transport plugin uses standard fetch()
to retrieve remote content from alternative endpoints — that is, HTTPS endpoints that are not in the original domain. This enables retrieving content even if the website on the original domain is down for whatever reason. The list of alternative endpoints is itself retrieved using DNSLink for the original domain.
Compare: alt-fetch
.
As per LibResilient architecture, this plugin adds X-LibResilient-Method
and X-LibResilient-ETag
headers to the returned response.
Configuration
The dnslink-fetch
plugin supports the following configuration options:
-
concurrency
(default: 3)
Number of alternative endpoints to attempt fetching from simultaneously.
If the number of available alternative endpoints is lower thenconcurrency
, all are used for each request. If it is higher, onlyconcurrency
of them, chosen at random, are used for any given request. -
dohProvider
(default: "https://dns.hostux.net/dns-query
")
DNS-over-HTTPS JSON API provider/endpoint to query when resolving the DNSLink. By default using Hostux DoH endpoint. Other options:- "
https://dns.google/resolve
"
Google DNS DoH JSON API endpoint - "
https://cloudflare-dns.com/dns-query
"
CloudFlare's DoH JSON API endpoint - "
https://mozilla.cloudflare-dns.com/dns-query
"
Mozilla's DoH JSON API endpoint, operated in co-operation with CloudFlare.
- "
-
ecsMasked
(default:true
)
Should the EDNS Client Subnet be masked from authoritative DNS servers for privacy. See also:edns_client_subnet
parameter of the DoH JSON API.
Operation
When fetching an URL, dnslink-fetch
removes the scheme and domain component. Then, for each alternative endpoint that is used for this particular request (up to concurrency
of endpoints, as described above), it concatenates the endpoint with the remaining URL part. Finally, it performs a fetch()
request for every URL construed in such a way.
Let's say the plugin is deployed for website https://example.com
, with concurrency
set to 2
and these are the alternative endpoints specified in relevant TXT records according to the DNSLink specification (so, in multiaddr form):
dnslink=/https/example.org
dnslink=/https/example.net/alt-example
dnslink=/https/eu.example.cloud
dnslink=/https/us.example.cloud
Notice: dnslink-fetch
currently only supports a rudimentary, naïve form of multiaddr addresses, which is /https/domain_name[/optional/path]
; full mutiaddr support might be implemented at a later date.
A visitor, who has visited the https://example.com
website at least once before (and so, LibResilient is loaded and working), tries to access it. For whatever reason, the https://example.com
site is down or otherwise inaccessible, and so the dnslink-fetch
plugin kicks in.
The request for https://example.com/index.html
is being handled thus:
- scheme and domain removed:
index.html
- two (based on
concurrency
setting) random alternative endpoints selected:dnslink=/https/example.net/alt-example
dnslink=/https/example.org
- resolve endpoint multiaddrs to URL of each endpoint:
https://example.net/alt-example/
https://example.org/
fetch()
request issued simultaneously for URL (so, alternative endpoint concatenated with the path from hte original request):https://example.net/alt-example/index.html
https://example.org/index.html
- the first successful response from either gets returned as the response for the whole plugin call.