`proxy_proto` showing private IP address as client address

1

I’d like to deploy a private DNS resolver that uses port 853 for DNS over TLS (DoT) with ECS.

The problem is that even while using proxy_proto in my app’s TOML file, dnsdist shows that the IP address provided is a private 172.x.x.x address.

I’m rather confused because the documentation suggests that it should be giving the client’s public IP address.

app = [REDACTED]

[build]

[[services]]
  internal_port = 443
  protocol = "tcp"

  [[services.ports]]
    port = 443

[[services]]
  internal_port = 853
  handlers = ["proxy_proto"]
  proxy_proto_options = { version = "v2" }

  [[services.ports]]
    port = 853
    handlers = []
2

Hi… You really want the handlers and proxy_proto_options to be down in the [[services.ports]] block, not up above, :taruggiz_spiral:.

Hope this helps move things forward a little!

1 Like
4

Hello there! Thanks for the tip.

After struggling for several hours with DNSdist, HAProxy and Blocky I decided to simply give up on the project. I was trying to stand up a DNS server with lots of blocking (hence Blocky) but it doesn’t support the PROXY protocol itself.

This is just a side project anyway, I already do all this on a VPS with a VPN and a home router. I was just trying to share the powerful blocking I have with friends and family.

1 Like
5

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.