Summary: Ideally, bootstrapAddr is used only for the first DNS request, which is to find the other addresses of the TRR resolver. The following requests can be made through IPv6 if available.
net.trr.bootstrapAddress should signify the initial TRR IP, not the hardcoded, permanent DoH IP.
In this case, "Bootstrap" means "to make the initial DNS query as a precursor to next DNS queries." The pref name is confusing.
Before or after this bug report, net.trr.bootstrapAddress allows DoH to work in DNS-poisoned environments (for example, cloudflare-dns.com is redirected to an invalid IP). It shouldn't be intended to "pin" an address.
On some networks, IPv4 has a higher latency than IPv6. This is expected since IPv6 was designed to supersede IPv4. So we should always connect through IPv6 when possible.
Example of how I want bootstrapAddr to work:
- a user connected to an IPv6 network.
- bootstrapAddr has 18.104.22.168
- TRR address "cloudflare-dns.com"
A and AAAA requests are made through TRR to 22.214.171.124, cloudflare-dns.com.
cloudflare-dns.com lists 126.96.36.199, 188.8.131.52, 2606:4700:4700::1111, 2606:4700:4700::1001.
We continue with 2606:4700:4700::1111 since IPv6 is available.
A pref that changes the behavior of bootstrapAddr, choosing one of the following:
- "Pin" the IP for the TRR resolver
- Use it as a bootstrap address. Make the first TRR request to discover its other IPv6 and IPv4 addresses.
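
The two behaviors the report asks a pref to choose between, written out as an added example; it is not part of the original report and is not Firefox code. The mode names, function names and the fallback to the bootstrap address when no usable answer comes back are assumptions of this example; the addresses are the ones listed in the report.

```python
import ipaddress

# Hypothetical mode names for the pref proposed in the report; not real Firefox prefs.
MODE_PIN = "pin"
MODE_BOOTSTRAP = "bootstrap"


def parse_answers(answers):
    """Split resolver answers into (ipv6, ipv4) lists, dropping unusable entries."""
    v6, v4 = [], []
    for raw in answers:
        try:
            ip = ipaddress.ip_address(raw.strip())
        except ValueError:
            continue  # malformed record: ignore rather than connect to it
        if ip.is_unspecified or ip.is_loopback or ip.is_multicast:
            continue  # never a valid DoH endpoint
        (v6 if ip.version == 6 else v4).append(ip)
    return v6, v4


def choose_trr_endpoint(mode, bootstrap_addr, answers, ipv6_available):
    """Return (address, reason) for the connection used after the first query."""
    bootstrap = ipaddress.ip_address(bootstrap_addr)
    if mode == MODE_PIN:
        return str(bootstrap), "pinned"
    if mode != MODE_BOOTSTRAP:
        raise ValueError(f"unknown mode: {mode!r}")
    v6, v4 = parse_answers(answers)
    if ipv6_available and v6:
        return str(v6[0]), "discovered-ipv6"
    if v4:
        return str(v4[0]), "discovered-ipv4"
    # Assumption: nothing usable came back, so keep the address that already worked.
    return str(bootstrap), "fallback-bootstrap"


# Addresses as listed in the report's example.
BOOTSTRAP = "18.104.22.168"
ANSWERS = ["126.96.36.199", "188.8.131.52",
           "2606:4700:4700::1111", "2606:4700:4700::1001"]

if __name__ == "__main__":
    for mode, v6 in [(MODE_PIN, True), (MODE_BOOTSTRAP, True), (MODE_BOOTSTRAP, False)]:
        print(mode, v6, choose_trr_endpoint(mode, BOOTSTRAP, ANSWERS, v6))
```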