Replies: 2 comments
-
|
一个典型场景是 must 一般和 pname 联用,这样使得例如 dnsmasq 的流量全部放行不走 dae。 更好的一个理解是,pname(dnsmasq)->must_rules,这个must_rules是一个关键字,代表不对dnsmasq启用dns模块防止死循环 |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
我觉得应该把->must_direct改为->direct(with_dns_traffic_accept) |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
我的理解是,配置文件主要分为
group(负责定义出站),dns(负责dns分流处理),route(负责流量出站路由)假设浏览器访问
www.google.com,dae的策略配置为domain时,我的理解是:dae,dae根据dns中request配置的规则选择上游dns执行解析dae将得到的ip地址返回给客户机dae能得到domain与ip,并根据route中的配置选择出站方式must_direct文档的解释是让DNS流量不经过dae,但是是配置在route中的.那么是否意味着在DNS阶段(即上述步骤1)之前,就需要先读取route里面的规则,来判断流量是否需要经过
dae的dns处理如果是这样,那么将
must_direct放在dns中的request内配置是否也是可行并更合适的?Beta Was this translation helpful? Give feedback.
All reactions