Great, thank you!
➜ ~ dig -t aaaa powerdns.com @127.0.0.1 -p 5300 +nocookie +http-plain=/dns-query
; <<>> DiG 9.20.15-1~deb13u1-Debian <<>> -t aaaa powerdns.com @127.0.0.1 -p 5300 +nocookie +http-plain=/dns-query
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17379
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;powerdns.com. IN AAAA
;; AUTHORITY SECTION:
powerdns.com. 3600 IN SOA pdns-public-ns1.powerdns.com. peter\.van\.dijk.powerdns.com. 2025111301 10800 3600 604800 3600
;; Query time: 168 msec
;; SERVER: 127.0.0.1#5300(127.0.0.1) (HTTP)
;; WHEN: Mon Nov 17 19:09:52 CET 2025
;; MSG SIZE rcvd: 108
Now that I test requests via the Apache reverse proxy, I get errors like this one:
[proxy_http:error] [pid 542507:tid 542557] (70014)End of file found: [remote 192.168.0.254:40452] AH01102: error reading status line from remote server 127.0.0.1:5300
I know it's perhaps more related to Apache than dnsdist, but I ask anyway: is it possible to use Apache to proxy requests to dnsdist?
On 17/11/2025 at 18:11, Aman Grewal wrote:
You have to tell dig to use DoH
`+https=/dns-query` for https
`+http-plain=/dns-query` for http
On Mon, Nov 17, 2025 at 11:51 AM ROGER VIncent via Pdns-users
<[email protected]> wrote:
Hi,
I intend to access dnsdist via DoH with an Apache reverse proxy,
but first I can't get dnsdist to respond to queries:
➜ ~ dig -t aaaa powerdns.com @127.0.0.1 -p 5300 +short +nocookie
;; communications error to 127.0.0.1#5300: connection refused
;; communications error to 127.0.0.1#5300: connection refused
;; communications error to 127.0.0.1#5300: connection refused
; <<>> DiG 9.20.15-1~deb13u1-Debian <<>> -t aaaa powerdns.com @127.0.0.1 -p 5300 +short +nocookie
;; global options: +cmd
;; no servers could be reached
Here is my dnsdist.conf :
-- disable security status polling via DNS
setSecurityPollSuffix("")
setACL("127.0.0.1/8")
-- Define upstream DNS server (Pi-hole)
newServer({address="192.168.0.26:53", name="Pi2-hole", checkInterval=60, mustResolve=true})
newServer({address="192.168.0.24:53", name="Pi1-hole", checkInterval=60, mustResolve=true})
-- Set the load balancing policy
setServerPolicy(roundrobin)
-- Create local DOH server listener in DNS over HTTP mode, otherwise the information coming from nginx won't be processed well
addDOHLocal("127.0.0.1:5300", nil, nil, "/dns-query", {reusePort=true, trustForwardedForHeader=false, keepIncomingHeaders=true})
dnsdist is listening on port 5300 though:
➜ ~ sudo netstat -tapn | grep 5300
tcp 0 0 127.0.0.1:5300 0.0.0.0:* LISTEN 508356/dnsdist
What is my mistake here?
--
ROGER Vincent
_______________________________________________
Pdns-users mailing list
[email protected]
https://mailman.powerdns.com/mailman/listinfo/pdns-users
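Added example (not part of the thread and not PowerDNS code): what a DoH client such as dig with +http-plain or +https puts inside the HTTP request, per RFC 8484, as opposed to the bare DNS packet a plain dig sends to the port. The function names are hypothetical; the query name, the /dns-query path and the EDNS size of 1232 are taken from the dig output in the thread.

```python
import base64
import struct

QTYPE_AAAA = 28  # RFC 3596

def build_query(name, qtype=QTYPE_AAAA, udp_size=1232):
    """RFC 1035 query with RD set and an EDNS0 OPT record; ID 0 per RFC 8484."""
    # id, flags (RD only), QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (the OPT record)
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 1)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    question = qname + struct.pack("!HH", qtype, 1)  # class IN
    # OPT: root name, type 41, class = UDP payload size, TTL 0, RDLEN 0
    opt = b"\x00" + struct.pack("!HHIH", 41, udp_size, 0, 0)
    return header + question + opt

def doh_get_target(path, wire):
    """GET form: message is base64url-encoded without padding (RFC 8484 4.1)."""
    b64 = base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")
    return f"{path}?dns={b64}"

def doh_post_request(path, wire):
    """POST form: method, target, headers and body a DoH listener expects."""
    headers = {
        "content-type": "application/dns-message",
        "accept": "application/dns-message",
        "content-length": str(len(wire)),
    }
    return "POST", path, headers, wire

def decode_get_target(target):
    """Inverse of doh_get_target, e.g. for reading a proxy access log."""
    b64 = target.split("?dns=", 1)[1]
    return base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))

def summarize_header(wire):
    """Return (id, rcode, qd, an, ns, ar) from the 12-byte DNS header."""
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", wire[:12])
    return ident, flags & 0x000F, qd, an, ns, ar

if __name__ == "__main__":
    q = build_query("powerdns.com")
    print(doh_get_target("/dns-query", q))
    print(doh_post_request("/dns-query", q)[:3])
```

decode_get_target is handy when a reverse proxy logs the request line: the dns= parameter decodes back to the exact query the client sent.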