[iOS 14.6] NEDNSProxyProvider receiving UDP traffic generated by itself

App & System Services Networking
ad4nll OP
Created Jul ’21
Replies 3
Boosts 0
Views 553
Participants 2

Hi all,

I'm creating a DNS extension that'll forward specific queries over HTTPS, all other queries should be routed through the system DNS server over UDP.

In iOS 14.5 and lower this worked perfectly. Using a NWConnection I forwarded UDP traffic to the configured system DNS server(s), this UDP traffic generated by NWConnection was not routed through the DNS extension.

However, since iOS 14.6 we experience a loop where traffic generated by the DNS extension gets routed through itself.

Is this expected behaviour or a regression in 14.6? And if this is expected behaviour, what would be the recommended way to prevent this?

Thanks!

Replies  3
Boosts  0
Views  553
Participants  2
Systems Engineer OP
Apple
Jul ’21

I'm creating a DNS extension that'll forward specific queries over HTTPS, all other queries should be routed through the system DNS server over UDP.

Using a NWConnection I forwarded UDP traffic to the configured system DNS server(s), this UDP traffic generated by NWConnection was not routed through the DNS extension.

What do you mean here by the system DNS server and how are you deriving this information?

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
0
ad4nll OP
Jul ’21

What do you mean here by the system DNS server and how are you deriving this information?

Sorry, I mean the system DNS settings. I use the property systemDNSSettings in NEDNSProxyProvider for this and extract all the IP addresses from the servers array.

The idea is that if the extension doesn't want to forward the query to a DoH server, it will forward it to one of the IP addresses it got from the systemDNSSettings.

This method worked in iOS versions prior to 14.6, but since iOS 14.6 all UDP traffic I generate from the DNS extension also gets routed through the extension, causing a loop. Is this intended behaviour and if so: is there a way to prevent this?

Thanks in advance!

0
Systems Engineer OP
Apple
Jul ’21

Sorry, I mean the system DNS settings. I use the property systemDNSSettings in NEDNSProxyProvider for this and extract all the IP addresses from the servers array.

This method worked in iOS versions prior to 14.6, but since iOS 14.6 all UDP traffic I generate from the DNS extension also gets routed through the extension, causing a loop.

Ah, okay. I think you should open a bug report for this. Please install the following iOS debug profiles:

  1. Network Diagnostics for iOS
  2. VPN (Network Extension) for iOS
  3. mDNSResponder for iOs

Then reproduce the issue and record the exact time and date this took place as well as the DNS queries that were being run at the time. Then trigger a sysdiagnose and upload it to your bug report. Please respond back with the Feedback ID.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
0
[iOS 14.6] NEDNSProxyProvider receiving UDP traffic generated by itself
First post date Last post date
 
 
Q