1*6777b538SAndroid Build Coastguard Worker# Chrome Host Resolution 2*6777b538SAndroid Build Coastguard Worker 3*6777b538SAndroid Build Coastguard WorkerImplementation and support of host resolution for the Chrome network stack. 4*6777b538SAndroid Build Coastguard WorkerIncludes client implementations of host resolution protocols (DNS and mDNS), 5*6777b538SAndroid Build Coastguard Workerhost resolution caching, support for dealing with system host resolution 6*6777b538SAndroid Build Coastguard Worker(including reading HOSTS files and tracking system network settings related to 7*6777b538SAndroid Build Coastguard Workerhost resolution), and various related utilities. 8*6777b538SAndroid Build Coastguard Worker 9*6777b538SAndroid Build Coastguard Worker*** promo 10*6777b538SAndroid Build Coastguard WorkerNote: "DNS" in this directory (including the directory name) is often used as 11*6777b538SAndroid Build Coastguard Workershorthand for all host resolution, not just that using the Domain Name System. 12*6777b538SAndroid Build Coastguard WorkerThis document attempts to use "DNS" only to refer to the actual Domain Name 13*6777b538SAndroid Build Coastguard WorkerSystem, except when referring to strings or paths that contain other usage of 14*6777b538SAndroid Build Coastguard Worker"DNS". 15*6777b538SAndroid Build Coastguard Worker*** 16*6777b538SAndroid Build Coastguard Worker 17*6777b538SAndroid Build Coastguard Worker[TOC] 18*6777b538SAndroid Build Coastguard Worker 19*6777b538SAndroid Build Coastguard Worker## Usage 20*6777b538SAndroid Build Coastguard Worker 21*6777b538SAndroid Build Coastguard Worker### From outside the network service 22*6777b538SAndroid Build Coastguard Worker 23*6777b538SAndroid Build Coastguard WorkerMost interaction with host resolution should be through the [network service](/services/network/README.md) 24*6777b538SAndroid Build Coastguard Worker[`network::HostResolver`](/services/network/public/mojom/host_resolver.mojom), 25*6777b538SAndroid Build Coastguard Workerretrieved from [`network::NetworkContext`](/services/network/public/mojom/network_context.mojom) 26*6777b538SAndroid Build Coastguard Workerusing `network::NetworkContext::CreateHostResolver()`. 27*6777b538SAndroid Build Coastguard Worker 28*6777b538SAndroid Build Coastguard WorkerHost resolution is requested using `network::HostResolver::ResolveHost()`. There 29*6777b538SAndroid Build Coastguard Workeris also a shortcut using `network::NetworkContext::ResolveHost()` when a 30*6777b538SAndroid Build Coastguard Workerseparate passable object is not needed. 31*6777b538SAndroid Build Coastguard Worker 32*6777b538SAndroid Build Coastguard WorkerSome general utilities are also available in [`/net/dns/public/`](/net/dns/public/) 33*6777b538SAndroid Build Coastguard Workerthat are intended for use by any code, inside or outside the network service. 34*6777b538SAndroid Build Coastguard WorkerOtherwise, code outside the network service should never interact directly with 35*6777b538SAndroid Build Coastguard Workerthe code in [`/net/dns/`](/net/dns/). 36*6777b538SAndroid Build Coastguard Worker 37*6777b538SAndroid Build Coastguard Worker### From inside the network service 38*6777b538SAndroid Build Coastguard Worker 39*6777b538SAndroid Build Coastguard WorkerInside the network service or inside the Chrome networking stack, host 40*6777b538SAndroid Build Coastguard Workerresolution goes through [`net::HostResolver`](/net/dns/host_resolver.h), 41*6777b538SAndroid Build Coastguard Workerretrieved from [`net::URLRequestContext`](/net/url_request/url_request_context.h). 42*6777b538SAndroid Build Coastguard Worker 43*6777b538SAndroid Build Coastguard Worker### Stand-alone tools 44*6777b538SAndroid Build Coastguard Worker 45*6777b538SAndroid Build Coastguard WorkerTests and stand-alone tools not part of the browser may interact with host 46*6777b538SAndroid Build Coastguard Workerresolution directly by creating their own HostResolvers using 47*6777b538SAndroid Build Coastguard Worker`net::HostResolver::CreateStandaloneResolver()`. 48*6777b538SAndroid Build Coastguard Worker 49*6777b538SAndroid Build Coastguard Worker## Test support 50*6777b538SAndroid Build Coastguard Worker 51*6777b538SAndroid Build Coastguard Worker### MockHostResolver 52*6777b538SAndroid Build Coastguard Worker 53*6777b538SAndroid Build Coastguard Worker[`net::MockHostResolver`](/net/dns/mock_host_resolver.h) 54*6777b538SAndroid Build Coastguard Worker 55*6777b538SAndroid Build Coastguard WorkerTests with the ability to inject and replace the used `net::HostResolver` should 56*6777b538SAndroid Build Coastguard Workerreplace it with a `net::MockHostResolver`, allowing rule-based results. 57*6777b538SAndroid Build Coastguard Worker`net::MockCachingHostResolver` is the same except it includes basic support for 58*6777b538SAndroid Build Coastguard Workerthe caching functionality normally done by prod `net::HostResolver`s. 59*6777b538SAndroid Build Coastguard Worker 60*6777b538SAndroid Build Coastguard WorkerSome tests may also find `net::HangingHostResolver` useful. It will begin host 61*6777b538SAndroid Build Coastguard Workerresolution requests, but never complete them until cancellation. 62*6777b538SAndroid Build Coastguard Worker 63*6777b538SAndroid Build Coastguard Worker### TestHostResolver 64*6777b538SAndroid Build Coastguard Worker 65*6777b538SAndroid Build Coastguard Worker[`content::TestHostResolver`](/content/public/test/test_host_resolver.h) 66*6777b538SAndroid Build Coastguard Worker 67*6777b538SAndroid Build Coastguard WorkerUsed by most browser tests (via [`content::BrowserTestBase`](/content/public/test/browser_test_base.h)), 68*6777b538SAndroid Build Coastguard Worker`content::TestHostResolver` installs itself on creation globally into all host 69*6777b538SAndroid Build Coastguard Workerresolvers in the process. By default, only allows resolution of the local host 70*6777b538SAndroid Build Coastguard Workerand returns `net::ERR_NAME_NOT_RESOLVED` for other hostnames. Allows setting rules 71*6777b538SAndroid Build Coastguard Workerfor other results using a [net::RuleBasedHostResolverProc](/net/dns/mock_host_resolver.h). 72*6777b538SAndroid Build Coastguard Worker 73*6777b538SAndroid Build Coastguard Worker*** note 74*6777b538SAndroid Build Coastguard Worker**Warning:** `content::TestHostResolver` only replaces host address resolution 75*6777b538SAndroid Build Coastguard Workerto the system and then artificially uses such system resolution for many 76*6777b538SAndroid Build Coastguard Workerrequests that would normally be handled differently (e.g. using the built-in DNS 77*6777b538SAndroid Build Coastguard Workerclient). This means a significant amount of normal prod host resolution logic 78*6777b538SAndroid Build Coastguard Workerwill be bypassed in tests using `content::TestHostResolver`. 79*6777b538SAndroid Build Coastguard Worker*** 80*6777b538SAndroid Build Coastguard Worker 81*6777b538SAndroid Build Coastguard Worker### Request remapping 82*6777b538SAndroid Build Coastguard Worker 83*6777b538SAndroid Build Coastguard WorkerMost prod logic for creating HostResolvers will check if any global remappings 84*6777b538SAndroid Build Coastguard Workerhave been requested. In the browser, this is requested using the 85*6777b538SAndroid Build Coastguard Worker["host-resolver-rules"](/services/network/public/cpp/network_switches.h) 86*6777b538SAndroid Build Coastguard Workercommandline flag. 87*6777b538SAndroid Build Coastguard Worker 88*6777b538SAndroid Build Coastguard WorkerSee [`net::HostMappingRules`](/net/base/host_mapping_rules.h) for details on the 89*6777b538SAndroid Build Coastguard Workerformat of the rules string. Allows remapping any request hostname to another 90*6777b538SAndroid Build Coastguard Workerhostname, an IP address, or a NOTFOUND error. 91*6777b538SAndroid Build Coastguard Worker 92*6777b538SAndroid Build Coastguard Worker## Implementation 93*6777b538SAndroid Build Coastguard Worker 94*6777b538SAndroid Build Coastguard Worker### HostResolver 95*6777b538SAndroid Build Coastguard Worker 96*6777b538SAndroid Build Coastguard Worker[`net::HostResolver`](/net/dns/host_resolver.h) 97*6777b538SAndroid Build Coastguard Worker 98*6777b538SAndroid Build Coastguard WorkerThe main interface for requesting host resolution within the network stack or 99*6777b538SAndroid Build Coastguard Workernetwork service. In prod, generally owned, and retrieved as-needed from 100*6777b538SAndroid Build Coastguard Worker[`net::URLRequestContext`](/net/url_request/url_request_context.h)s. Created 101*6777b538SAndroid Build Coastguard Workerusing `net::HostResolver::CreateResolver()` or 102*6777b538SAndroid Build Coastguard Worker`net::HostResolver::CreateStandaloneResolver()`. 103*6777b538SAndroid Build Coastguard Worker 104*6777b538SAndroid Build Coastguard WorkerVarious implementations are used in prod. 105*6777b538SAndroid Build Coastguard Worker 106*6777b538SAndroid Build Coastguard Worker#### ContextHostResolver 107*6777b538SAndroid Build Coastguard Worker 108*6777b538SAndroid Build Coastguard Worker[`net::ContextHostResolver`](/net/dns/context_host_resolver.h) 109*6777b538SAndroid Build Coastguard Worker 110*6777b538SAndroid Build Coastguard WorkerThe main prod implementation of `net::HostResolver`. Expected to be owned 1:1 by 111*6777b538SAndroid Build Coastguard Workera single `net::URLRequestContext`, the `net::ContextHostResolver` owns or keeps 112*6777b538SAndroid Build Coastguard Workerreferences to per-URLRequestContext properties used for host resolution, 113*6777b538SAndroid Build Coastguard Workerincluding an owned [`net::HostCache`](/net/dns/host_cache.h). 114*6777b538SAndroid Build Coastguard Worker 115*6777b538SAndroid Build Coastguard WorkerOn resolution, calls into an underlying `net::HostResolverManager` with the per- 116*6777b538SAndroid Build Coastguard Workercontext properties. 117*6777b538SAndroid Build Coastguard Worker 118*6777b538SAndroid Build Coastguard WorkerOn destruction, silently cancels all host resolution requests made through the 119*6777b538SAndroid Build Coastguard Worker`net::ContextHostResolver` instance. This prevents the underlying 120*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager` from continuing to reference the per-context 121*6777b538SAndroid Build Coastguard Workerproperties that may be destroyed on destruction of the `net::URLRequestContext` 122*6777b538SAndroid Build Coastguard Workeror `net::ContextHostResolver`. 123*6777b538SAndroid Build Coastguard Worker 124*6777b538SAndroid Build Coastguard Worker#### MappedHostResolver 125*6777b538SAndroid Build Coastguard Worker 126*6777b538SAndroid Build Coastguard Worker[`net::MappedHostResolver`](/net/dns/mapped_host_resolver.h) 127*6777b538SAndroid Build Coastguard Worker 128*6777b538SAndroid Build Coastguard WorkerA wrapping implementation around another `net::HostResolver`. Maintains request 129*6777b538SAndroid Build Coastguard Workerremapping rules to remap request hostnames to other hostnames or IP addresses. 130*6777b538SAndroid Build Coastguard Worker 131*6777b538SAndroid Build Coastguard WorkerUsed to implement the ["host-resolver-rules"](/services/network/public/cpp/network_switches.h) 132*6777b538SAndroid Build Coastguard Workercommandline flag. 133*6777b538SAndroid Build Coastguard Worker 134*6777b538SAndroid Build Coastguard Worker#### StaleHostResolver 135*6777b538SAndroid Build Coastguard Worker 136*6777b538SAndroid Build Coastguard Worker[`cronet::StaleHostResolver`](/components/cronet/stale_host_resolver.h) 137*6777b538SAndroid Build Coastguard Worker 138*6777b538SAndroid Build Coastguard WorkerA wrapping implementation around another `net::HostResolver`. Returns stale 139*6777b538SAndroid Build Coastguard Worker(expired or invalidated by network changes) data from the `net::HostCache` when 140*6777b538SAndroid Build Coastguard Workernon-stale results take longer than a configurable timeout. Reduces host 141*6777b538SAndroid Build Coastguard Workerresolution latency at the expense of accuracy. 142*6777b538SAndroid Build Coastguard Worker 143*6777b538SAndroid Build Coastguard WorkerOnly used and created by [Cronet](/components/cronet/README.md). 144*6777b538SAndroid Build Coastguard Worker 145*6777b538SAndroid Build Coastguard Worker### HostResolverManager 146*6777b538SAndroid Build Coastguard Worker 147*6777b538SAndroid Build Coastguard Worker[`net::HostResolverManager`](/net/dns/host_resolver_manager.h) 148*6777b538SAndroid Build Coastguard Worker 149*6777b538SAndroid Build Coastguard WorkerScheduler and controller of host resolution requests. Contains the logic for 150*6777b538SAndroid Build Coastguard Workerimmediate host resolution from fast local sources (e.g. querying 151*6777b538SAndroid Build Coastguard Worker`net::HostCache`s, IP address literals, etc). Throttles, schedules, and merges 152*6777b538SAndroid Build Coastguard Workerasynchronous jobs for resolution from slower network sources. 153*6777b538SAndroid Build Coastguard Worker 154*6777b538SAndroid Build Coastguard WorkerOn destruction, silently cancels all in-progress host resolution requests. 155*6777b538SAndroid Build Coastguard Worker 156*6777b538SAndroid Build Coastguard WorkerIn prod, a single shared `net::HostResolverManager` is generally used for the 157*6777b538SAndroid Build Coastguard Workerentire browser. The shared manager is owned and configured by the 158*6777b538SAndroid Build Coastguard Worker[`network::NetworkService`](/services/network/network_service.h). 159*6777b538SAndroid Build Coastguard Worker 160*6777b538SAndroid Build Coastguard Worker#### Request 161*6777b538SAndroid Build Coastguard Worker 162*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::RequestImpl` 163*6777b538SAndroid Build Coastguard Worker 164*6777b538SAndroid Build Coastguard WorkerImplementation of [`net::HostResolver::ResolveHostRequest`](/net/dns/host_resolver.h) 165*6777b538SAndroid Build Coastguard Workerand overall representation of a single request for resolution from a 166*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager`. The `RequestImpl` object itself primarily acts only 167*6777b538SAndroid Build Coastguard Workeras a container of parameters and results for the request, leaving the actual 168*6777b538SAndroid Build Coastguard Workerlogic to the `net::HostResolverManager` itself. 169*6777b538SAndroid Build Coastguard Worker 170*6777b538SAndroid Build Coastguard WorkerData collected at this layer: 171*6777b538SAndroid Build Coastguard Worker 172*6777b538SAndroid Build Coastguard Worker* "Net.DNS.Request.TotalTime" (recommended for experiments) 173*6777b538SAndroid Build Coastguard Worker* "Net.DNS.Request.TotalTimeAsync" 174*6777b538SAndroid Build Coastguard Worker 175*6777b538SAndroid Build Coastguard Worker#### Job 176*6777b538SAndroid Build Coastguard Worker 177*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::Job` 178*6777b538SAndroid Build Coastguard Worker 179*6777b538SAndroid Build Coastguard WorkerRepresentation of an asynchronous job for resolution from slower network 180*6777b538SAndroid Build Coastguard Workersources. Contains the logic to determine and query the appropriate source for 181*6777b538SAndroid Build Coastguard Workerhost resolution results with retry and fallback support to other sources. On 182*6777b538SAndroid Build Coastguard Workercompletion adds results to relevant `net::HostCache`s and invokes request 183*6777b538SAndroid Build Coastguard Workercallbacks. 184*6777b538SAndroid Build Coastguard Worker 185*6777b538SAndroid Build Coastguard WorkerMultiple requests can be merged into a single Job if compatible. This includes 186*6777b538SAndroid Build Coastguard Workermerging newly-started Jobs with already-running Jobs. 187*6777b538SAndroid Build Coastguard Worker 188*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager` schedules and throttles running 189*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::Job`s using a [`net::PrioritizedDispatcher`](/net/base/prioritized_dispatcher.h). 190*6777b538SAndroid Build Coastguard WorkerThe throttling is important to avoid overworking network sources, especially 191*6777b538SAndroid Build Coastguard Workerpoorly designed home routers that may crash on only a small number of concurrent 192*6777b538SAndroid Build Coastguard WorkerDNS resolves. 193*6777b538SAndroid Build Coastguard Worker 194*6777b538SAndroid Build Coastguard WorkerData collected at this layer: 195*6777b538SAndroid Build Coastguard Worker 196*6777b538SAndroid Build Coastguard Worker* "Net.DNS.ResolveSuccessTime" 197*6777b538SAndroid Build Coastguard Worker* "Net.DNS.ResolveFailureTime" 198*6777b538SAndroid Build Coastguard Worker* "Net.DNS.ResolveCategory" 199*6777b538SAndroid Build Coastguard Worker* "Net.DNS.ResolveError.Fast" 200*6777b538SAndroid Build Coastguard Worker* "Net.DNS.ResolveError.Slow" 201*6777b538SAndroid Build Coastguard Worker 202*6777b538SAndroid Build Coastguard Worker### Host resolution sources 203*6777b538SAndroid Build Coastguard Worker 204*6777b538SAndroid Build Coastguard WorkerVarious sources are used to query host resolution. The sources to be used by a 205*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::Job` are determined in advance of running the Job by 206*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::CreateTaskSequence()`, which outputs a list of 207*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::TaskType` specifying the order of sources to attempt. 208*6777b538SAndroid Build Coastguard WorkerBy default, this will use internal logic to decide the source to use and will 209*6777b538SAndroid Build Coastguard Workeroften allow fallback to additional sources. 210*6777b538SAndroid Build Coastguard Worker 211*6777b538SAndroid Build Coastguard WorkerThe sources chosen by default are also affected by the Secure DNS mode, by 212*6777b538SAndroid Build Coastguard Workerdefault determined from 213*6777b538SAndroid Build Coastguard Worker[`net::DnsConfig::secure_dns_mode`](/net/dns/dns_config.h) but overridable for 214*6777b538SAndroid Build Coastguard Workerindividual requests using 215*6777b538SAndroid Build Coastguard Worker`net::HostResolver::ResolveHostParameters::secure_dns_mode_override`. 216*6777b538SAndroid Build Coastguard Worker 217*6777b538SAndroid Build Coastguard WorkerSpecific sources for a request can be 218*6777b538SAndroid Build Coastguard Workerspecified using `net::HostResolver::ResolveHostParameters::source` and 219*6777b538SAndroid Build Coastguard Worker[`net::HostResolverSource`](/net/dns/host_resolver_source.h). 220*6777b538SAndroid Build Coastguard Worker 221*6777b538SAndroid Build Coastguard WorkerThe Job will then use \*Task objects that implement the behavior specific to the 222*6777b538SAndroid Build Coastguard Workerparticular resolution sources. 223*6777b538SAndroid Build Coastguard Worker 224*6777b538SAndroid Build Coastguard Worker#### SYSTEM 225*6777b538SAndroid Build Coastguard Worker 226*6777b538SAndroid Build Coastguard Worker`net::HostResolverSource::SYSTEM` 227*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::TaskType::SYSTEM` 228*6777b538SAndroid Build Coastguard Worker 229*6777b538SAndroid Build Coastguard WorkerImplemented by: `net::HostResolverSystemTask` 230*6777b538SAndroid Build Coastguard Worker 231*6777b538SAndroid Build Coastguard WorkerUsually called the "system resolver" or sometimes the "proc resolver" (because 232*6777b538SAndroid Build Coastguard Workerit was historically always implemented using net::HostResolverProc). Results 233*6777b538SAndroid Build Coastguard Workerare queried from the system or OS using the `getaddrinfo()` OS API call. This 234*6777b538SAndroid Build Coastguard Workersource is only capable of address (A and AAAA) resolves but will also query for 235*6777b538SAndroid Build Coastguard Workercanonname info if the request includes the `HOST_RESOLVER_CANONNAME` flag. The 236*6777b538SAndroid Build Coastguard Workersystem will query from its own internal cache, HOSTS files, DNS, and sometimes 237*6777b538SAndroid Build Coastguard WorkermDNS, depending on the capabilities of the system. 238*6777b538SAndroid Build Coastguard Worker 239*6777b538SAndroid Build Coastguard WorkerWhen host resolution requests do not specify a source, the system resolver will 240*6777b538SAndroid Build Coastguard Workeralways be used for **address resolves** when **any** of the following are true: 241*6777b538SAndroid Build Coastguard Worker 242*6777b538SAndroid Build Coastguard Worker* Requests with the `HOST_RESOLVER_CANONNAME` flag 243*6777b538SAndroid Build Coastguard Worker* For hostnames ending in ".local" 244*6777b538SAndroid Build Coastguard Worker* When the Secure DNS mode is `net::SecureDnsMode::OFF` and 245*6777b538SAndroid Build Coastguard Worker `net::HostResolverSource::DNS` is not enabled via 246*6777b538SAndroid Build Coastguard Worker `net::HostResolverManager::SetInsecureDnsClientEnabled(true)` 247*6777b538SAndroid Build Coastguard Worker* When a system DNS configuration could not be determined 248*6777b538SAndroid Build Coastguard Worker 249*6777b538SAndroid Build Coastguard WorkerSecure DNS requests cannot be made using the system resolver. 250*6777b538SAndroid Build Coastguard Worker 251*6777b538SAndroid Build Coastguard Worker`net::HostResolverSystemTask`'s behavior can be overridden by an asynchronous 252*6777b538SAndroid Build Coastguard Workerglobal override (e.g. in case resolution needs to be brokered out of the current 253*6777b538SAndroid Build Coastguard Workerprocess for sandboxing reasons). Otherwise, it posts a blocking task to a 254*6777b538SAndroid Build Coastguard Worker[`base::ThreadPool`](/base/task/thread_pool.h) to make blocking resolution 255*6777b538SAndroid Build Coastguard Workerrequests in-process. 256*6777b538SAndroid Build Coastguard WorkerOn a timeout, additional attempts are made, but previous attempts are not 257*6777b538SAndroid Build Coastguard Workercancelled as there is no cancellation mechanism for `getaddrinfo()`. The first 258*6777b538SAndroid Build Coastguard Workerattempt to complete is used and any other attempt completions are ignored. 259*6777b538SAndroid Build Coastguard Worker 260*6777b538SAndroid Build Coastguard WorkerIn prod, the blocking task runner always calls `SystemHostResolverCall()`, which 261*6777b538SAndroid Build Coastguard Workermakes the actual call to `getaddrinfo()` using the 262*6777b538SAndroid Build Coastguard Worker[`net::AddressInfo`](/net/dns/address_info.h) helper. In tests, the blocking 263*6777b538SAndroid Build Coastguard Workertask runner may use a test implementation of 264*6777b538SAndroid Build Coastguard Worker[`net::HostResolverProc`](/net/dns/host_resolver_proc.h), which itself can be 265*6777b538SAndroid Build Coastguard Workerchained. 266*6777b538SAndroid Build Coastguard Worker 267*6777b538SAndroid Build Coastguard WorkerData collected specifically for this source: 268*6777b538SAndroid Build Coastguard Worker 269*6777b538SAndroid Build Coastguard Worker* "Net.DNS.SystemTask.SuccessTime" 270*6777b538SAndroid Build Coastguard Worker* "Net.DNS.SystemTask.FailureTime" 271*6777b538SAndroid Build Coastguard Worker 272*6777b538SAndroid Build Coastguard Worker#### DNS 273*6777b538SAndroid Build Coastguard Worker 274*6777b538SAndroid Build Coastguard Worker`net::HostResolverSource::DNS` 275*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::TaskType::DNS` 276*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::TaskType::SECURE_DNS` 277*6777b538SAndroid Build Coastguard Worker 278*6777b538SAndroid Build Coastguard WorkerImplemented by: `net::HostResolverManager::DnsTask` 279*6777b538SAndroid Build Coastguard Worker 280*6777b538SAndroid Build Coastguard WorkerUsually called the "built-in resolver" or the "async resolver". Results are 281*6777b538SAndroid Build Coastguard Workerqueried from DNS using [`net::DnsClient`](/net/dns/dns_client.h), a Chrome 282*6777b538SAndroid Build Coastguard Workernetwork stack implementation of a DNS "stub resolver" or "DNS client". 283*6777b538SAndroid Build Coastguard Worker 284*6777b538SAndroid Build Coastguard WorkerWhen host resolution requests do not specify a source, the built-in resolver 285*6777b538SAndroid Build Coastguard Workerwill be used when **all** of the following are true: 286*6777b538SAndroid Build Coastguard Worker 287*6777b538SAndroid Build Coastguard Worker* DnsClient is enabled for insecure requests enabled via 288*6777b538SAndroid Build Coastguard Worker `net::HostResolverManager::SetInsecureDnsClientEnabled(true)` or 289*6777b538SAndroid Build Coastguard Worker the Secure DNS mode is not `net::SecureDnsMode::OFF`. 290*6777b538SAndroid Build Coastguard Worker* The system DNS configuration could be determined successfully 291*6777b538SAndroid Build Coastguard Worker* The request hostname does not end in ".local" 292*6777b538SAndroid Build Coastguard Worker* The request is not an address query with the `HOST_RESOLVER_CANONNAME` flag 293*6777b538SAndroid Build Coastguard Worker 294*6777b538SAndroid Build Coastguard WorkerThe `net::HostResolverManager::DnsTask` will create and run a 295*6777b538SAndroid Build Coastguard Worker[`net::DnsTransaction`](/net/dns/dns_transaction.h) for each DNS name/type pair 296*6777b538SAndroid Build Coastguard Workerto be queried. The task will then process successful results from the returned 297*6777b538SAndroid Build Coastguard Worker[`net::DnsResponse`](/net/dns/dns_response.h). 298*6777b538SAndroid Build Coastguard Worker 299*6777b538SAndroid Build Coastguard WorkerWhen a request requires both A and AAAA results, they are handled via two 300*6777b538SAndroid Build Coastguard Workerseparate `net::DnsTransaction`s and the `net::HostResolverManager::DnsTask` will 301*6777b538SAndroid Build Coastguard Workerrequest a second slots from the `net::PrioritizedDispatcher` used by 302*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager`. The A transaction is started immediately on starting 303*6777b538SAndroid Build Coastguard Workerthe `net::HostResolverManager::DnsTask`, and the AAAA transaction is started 304*6777b538SAndroid Build Coastguard Workeronce a second dispatcher slot can be obtained. 305*6777b538SAndroid Build Coastguard Worker 306*6777b538SAndroid Build Coastguard WorkerEach `net::DnsTransaction` internally makes a series of `net::DnsAttempt`s, each 307*6777b538SAndroid Build Coastguard Workerrepresenting an individual DNS request. A single `net::DnsTransaction` can run 308*6777b538SAndroid Build Coastguard Workermany `net::DnsAttempt`s due to retry logic, fallback between multiple configured 309*6777b538SAndroid Build Coastguard WorkerDNS servers, and name permutation due to configured search suffixes. 310*6777b538SAndroid Build Coastguard Worker 311*6777b538SAndroid Build Coastguard WorkerData collected specifically for this source (more internally to 312*6777b538SAndroid Build Coastguard Worker`net::DnsTransaction` implementation not listed here): 313*6777b538SAndroid Build Coastguard Worker 314*6777b538SAndroid Build Coastguard Worker* "Net.DNS.DnsTask.SuccessTime" 315*6777b538SAndroid Build Coastguard Worker* "Net.DNS.InsecureDnsTask.FailureTime" 316*6777b538SAndroid Build Coastguard Worker* "Net.DNS.JobQueueTime.PerTransaction" 317*6777b538SAndroid Build Coastguard Worker* "Net.DNS.JobQueueTime.Failure" 318*6777b538SAndroid Build Coastguard Worker* "Net.DNS.JobQueueTime.Success" 319*6777b538SAndroid Build Coastguard Worker 320*6777b538SAndroid Build Coastguard Worker#### MULTICAST_DNS 321*6777b538SAndroid Build Coastguard Worker 322*6777b538SAndroid Build Coastguard Worker`net::HostResolverSource::MULTICAST_DNS` 323*6777b538SAndroid Build Coastguard Worker`net::HostResolverManager::TaskType::MDNS` 324*6777b538SAndroid Build Coastguard Worker 325*6777b538SAndroid Build Coastguard WorkerImplemented by [`net::HostResolverMdnsTask`](/net/dns/host_resolver_mdns_task.h) 326*6777b538SAndroid Build Coastguard Worker 327*6777b538SAndroid Build Coastguard WorkerResults are queried from mDNS using [`net::MDnsClient`](/net/dns/mdns_client.h). 328*6777b538SAndroid Build Coastguard Worker 329*6777b538SAndroid Build Coastguard WorkerWhen host resolution requests do not specify a source, mDNS is only used for 330*6777b538SAndroid Build Coastguard Workernon-address requests when the request hostname ends in ".local". 331*6777b538SAndroid Build Coastguard Worker 332*6777b538SAndroid Build Coastguard WorkermDNS requests start with [`net::HostResolverMdnsTask`](/net/dns/host_resolver_mdns_task.h), 333*6777b538SAndroid Build Coastguard Workerwhich will create and run a [`net::MDnsTransaction`](/net/dns/mdns_client.h) for 334*6777b538SAndroid Build Coastguard Workereach query type needed. 335*6777b538SAndroid Build Coastguard Worker 336*6777b538SAndroid Build Coastguard WorkerUnlike `net::HostResolverManager::DnsTask`, each `net::HostResolverMdnsTask` 337*6777b538SAndroid Build Coastguard Workerwill only ever use a single dispatcher slot, even when both A and AAAA types are 338*6777b538SAndroid Build Coastguard Workerqueried concurrently. 339*6777b538SAndroid Build Coastguard Worker 340*6777b538SAndroid Build Coastguard Worker`net::MDnsClient` maintains its own cache, separate from the main 341*6777b538SAndroid Build Coastguard Worker[`net::HostCache`](/net/dns/host_cache.h) owned by the 342*6777b538SAndroid Build Coastguard Worker[`net::ContextHostResolver`](/net/dns/context_host_resolver.h). As such, mDNS 343*6777b538SAndroid Build Coastguard Workerresults are never cached in the `net::HostCache`. 344*6777b538SAndroid Build Coastguard Worker 345*6777b538SAndroid Build Coastguard Worker### IPv6 and connectivity 346*6777b538SAndroid Build Coastguard Worker 347*6777b538SAndroid Build Coastguard WorkerSome poorly written DNS servers, especially on home routers, are unaware of the 348*6777b538SAndroid Build Coastguard Workerexistence of IPv6 and will result in bad performance or even crash when sent 349*6777b538SAndroid Build Coastguard WorkerAAAA DNS queries. 350*6777b538SAndroid Build Coastguard Worker 351*6777b538SAndroid Build Coastguard WorkerTo avoid such issues, `net::HostResolverManager` heuristically detects IPv4-only 352*6777b538SAndroid Build Coastguard Workernetworks by attempting a UDP connection to `2001:4860:4860::8888` (the IPv6 353*6777b538SAndroid Build Coastguard Workeraddress for Google Public DNS). If the connection fails, Chrome will convert 354*6777b538SAndroid Build Coastguard Workerhost resolution requests for `net::DnsQueryType::UNSPECIFIED` to 355*6777b538SAndroid Build Coastguard Worker`net::DnsQueryType::A`. This generally results in disallowing AAAA requests. 356*6777b538SAndroid Build Coastguard Worker 357*6777b538SAndroid Build Coastguard WorkerExceptions when AAAA requests are always allowed despite a failed connectivity 358*6777b538SAndroid Build Coastguard Workercheck: 359*6777b538SAndroid Build Coastguard Worker 360*6777b538SAndroid Build Coastguard Worker* The host resolution request explicitly requests `net::DnsQueryType::AAAA` 361*6777b538SAndroid Build Coastguard Worker* IP address literal resolution including when a hostname request has been 362*6777b538SAndroid Build Coastguard Worker rewritten to an IP address literal using `net::MappedHostResolver` 363*6777b538SAndroid Build Coastguard Worker* Results read from HOSTS files where there is no non-loopback IPv4 result. Note 364*6777b538SAndroid Build Coastguard Worker that this exception only applies when Chrome does the read from HOSTS. When 365*6777b538SAndroid Build Coastguard Worker Chrome's built-in DNS client is not used, HOSTS is only read by the system 366*6777b538SAndroid Build Coastguard Worker where Chrome would only request A results to avoid the system making AAAA DNS 367*6777b538SAndroid Build Coastguard Worker queries. 368*6777b538SAndroid Build Coastguard Worker 369*6777b538SAndroid Build Coastguard WorkerThe heuristic for detecting IPv4-only networks is not perfect. E.g., it fails 370*6777b538SAndroid Build Coastguard Workerand disallows AAAA requests in private (no global internet access including to 371*6777b538SAndroid Build Coastguard WorkerGoogle Public DNS) IPv6-only networks, which could then break most Chrome usage 372*6777b538SAndroid Build Coastguard Workeron the network because, being an IPv6-only network, AAAA results are necessary. 373*6777b538SAndroid Build Coastguard Worker 374*6777b538SAndroid Build Coastguard WorkerWorkarounds to allow Chrome to attempt to load IPv6 endpoints when the 375*6777b538SAndroid Build Coastguard Workerconnectivity check fails: 376*6777b538SAndroid Build Coastguard Worker 377*6777b538SAndroid Build Coastguard Worker* Starting Chrome with 378*6777b538SAndroid Build Coastguard Worker `--host-resolver-rules="MAP the.hostname.com [dead::beef]"` where 379*6777b538SAndroid Build Coastguard Worker `the.hostname.com` is the hostname to allow resolving and `dead::beef` is the 380*6777b538SAndroid Build Coastguard Worker IPv6 address to resolve it to. `net::MappedHostResolver` acts at a level 381*6777b538SAndroid Build Coastguard Worker before IPv6 connectivity checks, and if a hostname is remapped to an IP 382*6777b538SAndroid Build Coastguard Worker literal, connectivity checks do not apply. 383*6777b538SAndroid Build Coastguard Worker* Add entries for the hostnames to resolve to the HOSTS file with just IPv6 384*6777b538SAndroid Build Coastguard Worker results. Only works with the built-in DNS client is used. 385*6777b538SAndroid Build Coastguard Worker* Add a network route to `2001:4860:4860::8888`. Doesn't have to actually be 386*6777b538SAndroid Build Coastguard Worker functional (could just drop requests to it). As long as Chrome can connect a 387*6777b538SAndroid Build Coastguard Worker UDP socket to the address, it will pass the heuristic checking 388*6777b538SAndroid Build Coastguard Worker IPv6-connectivity. 389