Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change 1.1.1.1 to 1.0.0.1 for better compatibility #2330

Merged
merged 3 commits into from Jul 13, 2019
Merged

Change 1.1.1.1 to 1.0.0.1 for better compatibility #2330

merged 3 commits into from Jul 13, 2019

Conversation

ghost
Copy link

@ghost ghost commented Jun 13, 2019
edited by ghost
Loading

As we can see, 1.1.1.1 is not routed or routed to an Intranet devices due to historical reason. Change 1.1.1.1 to 1.0.0.1 will have a better compatibility. I found this problem on my Tencent Cloud server.

Neilpang and others added 3 commits June 10, 2019 22:02
@Neilpang
Merge pull request #2319 from Neilpang/dev
3461727 
sync
@Neilpang
Merge pull request #2320 from Neilpang/dev
685755f 
sync
Change 1.1.1.1 to 1.0.0.1 to probe compatibility
62c974c 
As we can see, 1.1.1.1 is not routed or routed to an Intranet devices due to historical reason. Change 1.1.1.1 to 1.0.0.1 will have a better compatibility. I found this problem on my Tencent Cloud server.
@ghost ghost changed the title Patch 1 Change 1.1.1.1 to 1.0.0.1 to probe compatibility Jun 13, 2019
@ghost ghost changed the title Change 1.1.1.1 to 1.0.0.1 to probe compatibility Change 1.1.1.1 to 1.0.0.1 for better compatibility Jun 13, 2019
@Neilpang
Copy link
Member

你试一下换成 域名 http://one.one.one.one/xxxxxxxx 这种形式能工作不.

@ghost
Copy link
Author

ghost commented Jun 13, 2019

你好,我解释一下,one.one.one.one的解析结果里包含了1.1.1.1,这个IP相比1.0.0.1被更广泛的用于内网(尽管目前这种操作不被接受,但APNIC曾声明这段IP不被广播,以至于被滥用情况更加广泛),所以我觉得有必要专门指明1.0.0.1。

@Neilpang
Copy link
Member

这里已经有一个 配置 cf 的pr 了

#2275

稍后 会考虑

@Neilpang
Copy link
Member

你可以通过 设置 --dnssleep 180 来绕过 cf 的检查.

@realpg
Copy link

realpg commented Jul 13, 2019

同意不要在关键场合用1.1.1.1
这个IP不止被用于内网 还广泛用于公网……
一般这个1.1.1.1/32 主要用于在网络设备 测试环境 配置到loopback接口,指代公网,类似的还会有1.1.1.2/32 放在第二个有公网的设备等

各种运营商设备进行割接调试前也会这么去搭建模拟环境,而模拟环境测试完毕后,很少有人会想起来把无关紧要的loopback模拟公网接口的IP摘下来,这也无关紧要,而且这个IP不会被向公网广播

但是,当你正常去1.1.1.1的包万一中间经过了某个带1.1.1.1 loopback接口的路由器,直接就报到达并回包了……

这种现象不仅存在于国内,国外也多……

@Neilpang
Copy link
Member

@realpg

这只是想要一个查询功能, 轮询dns 的设置是否生效了.

在 1.1.1.1 不能用的情况下, 可以考虑在自己搭建一个查询的反代节点 , 比如 https://check.acme.sh.

如果 1111 不能用, 就用我自己的反代.

这样可能会有人担心隐私问题, 所以一直没有做.

大家怎么看 ?

@Neilpang Neilpang merged commit 3cdfa40 into acmesh-official:dev Jul 13, 2019
@realpg
Copy link

realpg commented Jul 23, 2019

@realpg

这只是想要一个查询功能, 轮询dns 的设置是否生效了.

在 1.1.1.1 不能用的情况下, 可以考虑在自己搭建一个查询的反代节点 , 比如 https://check.acme.sh.

如果 1111 不能用, 就用我自己的反代.

这样可能会有人担心隐私问题, 所以一直没有做.

大家怎么看 ?

建议干脆就别碰1.1.1.1 也就不用去测是否能通了
CF用1.1.1.1绝对是脑袋一热瞎搞 这个全球范围可用性都会抽

Neilpang added a commit that referenced this pull request Jul 27, 2019
@Neilpang
sync (#2404)
55dea4e 
* support jdcloud.com

* fix format

* ttl 3000

* Escape slashes (#2375)

* Change 1.1.1.1 to 1.0.0.1 to probe compatibility (#2330)

As we can see, 1.1.1.1 is not routed or routed to an Intranet devices due to historical reason. Change 1.1.1.1 to 1.0.0.1 will have a better compatibility. I found this problem on my Tencent Cloud server.

* check empty id

* fix error

* Add dnsapi for Vultr (#2370)

* Add Vultr dns api

* PushOver notifications (#2325)

* PushOver notifications, using AppToken, UserKey, and optional sounds

* fix errors

* added dns api support for hexonet (#1776)

* update

* minor

* support new Cloudflare Token format
fix #2398

* fix wildcard domain name

* add more info

* fix #2377

* fix format

* fix format
@Sp1l
Copy link
Contributor

Sp1l commented Jul 29, 2019
edited
Loading

Thanks to a translator, I can now read this thread. Pitty that we've not made this configurable.

This still doesn't work in environments that require using a proxy to access the CF purge service. Any plan how that can be added to acme.sh?

For convencience, I've added an A record to my domain (DNS provided by gandi.net) that resolves to 1.0.0.1 (and the original IPv6 which I believe is no issue).

$ host 1.0.0.1.brnrd.eu
1.0.0.1.brnrd.eu has address 1.0.0.1
1.0.0.1.brnrd.eu has IPv6 address 2606:4700:4700::1001
1.0.0.1.brnrd.eu has IPv6 address 2606:4700:4700::1111

If we make _cf_purl configurable, this can be made to work for everyone!

EDIT: Just found that Cloudflare hosts the one.one.one.one site on https://1001.cloudflare-dns.com/ as well! Can we use that instead of hardcoding 1.0.0.1? (spoiler: doesn't resolve to 1.0.0.1...)

$ host 1001.cloudflare-dns.com
1001.cloudflare-dns.com has address 104.16.249.249
1001.cloudflare-dns.com has address 104.16.248.249
1001.cloudflare-dns.com has IPv6 address 2606:4700::6810:f8f9
1001.cloudflare-dns.com has IPv6 address 2606:4700::6810:f9f9

@Sp1l Sp1l mentioned this pull request Jul 29, 2019
Closed
@Neilpang
Copy link
Member

已经改用 cloudflare-dns.com 了.

大家试一下 dev

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Neilpang @realpg @Sp1l @williamdes