On my home dns server I have these dns records:
..onion$ 10.0.0.254
..i2p$ 10.0.0.253
To associate real IP for tor and i2p sites and then transparently proxyfy them
If I’ll try to resolve them with nslookup - both will work
nslookup 123.i2p will return 10.0.0.253
nslookup 123.onion will return 10.0.0.254
And if I’tt trr to resolve them with powershell’s Resolve-DnsName(or simply ping them)
Resolve-DnsName 123.i2p will work and return 10.0.0.253
Resolve-DnsName 123.onion will not work
Even if I manually add these record to etc/hosts and look into dns cache - I will see this:
`Get-DnsClientCache`
`Entry RecordName Record Status Section TimeTo Data L Data`
` ` `Type Live ength`
`----- ---------- ------ ------ ------- ------ ------ ----`
`123.onion AAAA NotExist`
`123.onion A NotExist`
`123.i2p AAAA NoRecords`
`123.i2p 123.i2p A Success Answer 584505 4 10.0.0.253`
I’ve also dumped traffic with wireshark and when I try to
Resolve-DnsName 123.i2p - there is DNS request
And when I do
Resolve-DnsName 123.i2p - there is not.
Problem exists only in Windows 11, Windows 10 and earlier, Android, Linux distros are all OK
Seems that Microsoft hardcoded some kind of filter in windows dns clent which stops .onion domains from resolving
Seems that Microsoft hardcoded some kind