DNS over TLS with ShadowSocksR Issue

Possible issue discovered using the “DNS over TLS from Cloudflare” feature together with ShadowSocksR. The DNS service seems unstable and was unable to resolve the server names into their corresponding IP addresses correctly, from time to time. From the syslog:

Thu Sep 19 04:47:27 2019 daemon.err stubby[23784]: Could not schedule query: None of the configured upstreams could be used to send queries on the specified transports

The SSR tunnel could not thus be established. And the whole DNS resolving mechanism seems befuddled at this point. Stopping the SSR services and restarting the STUBBY demon bringing the DNS service back.

Replacing domain names with their respective IP addresses resolves the problem. However, that is undesirable to me. Although I am only using the SS features, the fact that Luci shadowsocks plugin only accepts IP addresses renders it really cumbersome to use on a router.

Changing to ChinaDNS for now, although it sounds less secure than DoT.

FYI I’m in China and using a B-1300 router. The SS provider I’m testing with is Just My Socks.

1 Like

In China, it is more appropriate to use chinaDNS