上游的服务不提供响应了,官方测试例子的结果:
curl -v -H 'accept: application/dns-json' 'https://rubyfish.cn/dns-query?name=www.google.com&type=A' * Trying 118.126.68.223:443... * Connected to rubyfish.cn (118.126.68.223) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=dns.rubyfish.cn
* start date: Oct 8 01:24:24 2021 GMT
* expire date: Jan 6 01:24:23 2022 GMT
* subjectAltName: host "rubyfish.cn" matched cert's "rubyfish.cn"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5626e69f0570)
> GET /dns-query?name=www.google.com&type=A HTTP/2
> Host: rubyfish.cn
> user-agent: curl/7.74.0
> accept: application/dns-json
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 503
< date: Tue, 26 Oct 2021 09:53:33 GMT
< content-type: application/json; charset=UTF-8
< content-length: 116
< server: nginx/1.14.0 (Ubuntu)
< access-control-allow-headers: Content-Type
< access-control-allow-methods: GET, HEAD, OPTIONS, POST
< access-control-allow-origin: *
< access-control-max-age: 3600
< x-powered-by: DNS-over-HTTPS/2.2.2 (+https://github.com/m13253/dns-over-https)
<
* Connection #0 to host rubyfish.cn left intact
{"Status":2,"Comment":"DNS query failure (read udp 127.0.0.1:50398-\u003e127.0.0.1:5003: read: connection refused)"}
1
OPA 2021-10-27 08:40:08 +08:00
|