https://github.com/crzidea/doh
Country-Aware DNS over HTTPS for Optimized CDN Routing
dns dns-over-https doh
- Host: GitHub
- URL: https://github.com/crzidea/doh
- Owner: crzidea
- Created: 2024-08-23T09:56:45.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-03-25T10:40:12.000Z (3 months ago)
- Last Synced: 2025-03-30T10:08:58.821Z (3 months ago)
- Topics: dns, dns-over-https, doh
- Language: JavaScript
- Homepage: https://crzidea.com/#/article/introducing-crzidea-doh
- Size: 33.2 KB
- Stars: 93
- Watchers: 2
- Forks: 27
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Country-Aware DNS over HTTPS for Optimized CDN Routing
This Cloudflare Worker script provides a DNS over HTTPS (DoH) service with intelligent ECS (EDNS Client Subnet) handling for improved CDN performance.
[Introduction in Chinese](https://crzidea.com/#/article/introducing-crzidea-doh)

## How it works:
1. **ECS Extraction:** The worker extracts two sets of ECS options from the URL:
   - **Client IP:** The actual IP address of the client making the request.
   - **Alternative IP:** Typically, the external IP address of a VPN connection.
2. **Dual DNS Resolution:** The worker performs two DNS resolutions for each request, one using the client IP and one using the alternative IP.
3. **Intelligent Response Selection:** The worker compares the IP addresses returned in both DNS responses:
   - **Same Country Match:** If the IP address returned using the client IP is located in the same country as the client, that response is chosen. This prioritizes local CDN nodes for optimal performance.
   - **Alternative IP Response:** If the client IP response doesn't match the client's country, the response obtained using the alternative IP is chosen. This ensures content delivery even when using a VPN or experiencing routing issues.

## Benefits:
- **Improved CDN Performance:** By intelligently selecting the best DNS response based on client location, the worker ensures requests are routed to the most optimal CDN nodes.
- **Enhanced Privacy:** Utilizing DoH encrypts DNS queries, preventing eavesdropping and manipulation.
- **Seamless VPN Integration:** The worker's dual resolution approach ensures uninterrupted content delivery even when using a VPN.

## Deployment:
This worker is designed for deployment on the Cloudflare Workers platform. Here are the steps to deploy:
1. **Install dependencies:**
```bash
npm install
```
2. **(Optional) Log in to Wrangler:**
```bash
npx wrangler login
```
3. **Download, create, and import the GeoIP database:**
You need to set the following environment variables before running the import script:
```bash
export MAXMIND_ACCOUNT_ID=
export MAXMIND_LICENSE_KEY=
export CLOUDFLARE_ACCOUNT_ID=
export CLOUDFLARE_API_TOKEN=
```
Note: The Cloudflare API token needs the following permissions to run the script. You can create a new token [here](https://dash.cloudflare.com/profile/api-tokens):
```
Account/Worker Scripts/Edit
Account/D1/Edit
```
Then, run the script:
```bash
./import-geoip.sh
```
The script performs the following tasks:
- Download the GeoLite2 Country database from MaxMind and extract it to the `./tmp` directory.
- Create a D1 database on Cloudflare and import the downloaded database into the D1 database.
5. **Configure wrangler.toml:**
```sh
mv tmp/wrangler.toml .
```
6. **Deploy:**
```bash
npm run deploy
```

## DoH URL Example:
Replace `doh.subdomain.workers.dev` with your domain name after deploying the script to Cloudflare Workers.
```
https://doh.subdomain.workers.dev/client-ip/223.5.5.5/client-country/CN/alternative-ip/8.8.8.8/dns-query
```

## Contributing:
Contributions are welcome! Please feel free to open issues or submit pull requests.
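
The URL layout from the DoH URL example and the selection rule from "How it works", sketched as an added example that is not code from this repository. It assumes IPv4-only path values, treats the client response as local when any returned address maps to the client's country, and uses a hypothetical `countryOf` lookup with constructed sample data in place of the GeoLite2 database.

```javascript
// Added example, not the project's code. IPv4-only parsing and the
// "any answer matches" rule are assumptions of this sketch.
const OCTET = "(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)";
const IPV4 = new RegExp(`^${OCTET}(\\.${OCTET}){3}$`);

// Parse /client-ip/<ip>/client-country/<CC>/alternative-ip/<ip>/dns-query.
// Returns null for anything that does not match exactly, so unvalidated
// caller-supplied values are never used as ECS options.
function parseDohPath(url) {
  let parts;
  try {
    parts = new URL(url).pathname.split("/").filter(Boolean);
  } catch {
    return null; // not a URL at all
  }
  if (parts.length !== 7 || parts[6] !== "dns-query") return null;
  const opts = {};
  for (let i = 0; i < 6; i += 2) opts[parts[i]] = parts[i + 1];
  const clientIp = opts["client-ip"];
  const country = opts["client-country"];
  const altIp = opts["alternative-ip"];
  if (!IPV4.test(clientIp ?? "") || !IPV4.test(altIp ?? "")) return null;
  if (!/^[A-Z]{2}$/.test(country ?? "")) return null;
  return { clientIp, country, altIp };
}

// countryOf is a hypothetical lookup (ip -> ISO country code or null),
// standing in for the GeoLite2 Country data the README imports into D1.
function selectResponse(clientAnswers, altAnswers, clientCountry, countryOf) {
  const local = clientAnswers.some((ip) => countryOf(ip) === clientCountry);
  return local
    ? { source: "client", answers: clientAnswers }
    : { source: "alternative", answers: altAnswers };
}

// Constructed sample data (documentation address ranges, made-up countries).
const SAMPLE_GEO = { "203.0.113.10": "CN", "198.51.100.7": "US" };
const sampleCountryOf = (ip) => SAMPLE_GEO[ip] ?? null;
```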