Re: [Pdns-users] DoT for recursor
Hi Otto, Thank you, good to know. I use dnsdist at my clients but am working on my lab at the moment where I don’t yet have have dnsdist deployed. -- Djerk Geurts > On 9 May 2023, at 13:47, Otto Moerbeek wrote: > > On Tue, May 09, 2023 at 01:34:51PM +0100, Djerk Geurts via Pdns-users wrote: > >> Hi all, >> >> Had a look and the only thing I could find is that DoT apparently is enabled >> when configuring PowerDNS-recursor with specific upstream servers on port >> 853. >> >> Being relatively new to DoT and DoH I’m trying to work out why I can’t >> configure the recursor to listen to port 853 without configuring a specific >> forwarder. It looks like this is possible for dnsdist, so why not recursor, >> or am I missing something? > > Recursor 4.8 has a way to discover if an auth supports DoT. See > https://blog.powerdns.com/2022/06/13/probing-dot-support-of-authoritative-servers-just-try-it/ > > Recursor has no incoming DoT or DoH, because it is easy to use dnsdist > in front of Recursor for that. So there is little incentive to add > that functionality to the Recursor itself. > > -Otto ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
Re: [Pdns-users] DoT for recursor
On Tue, May 09, 2023 at 01:34:51PM +0100, Djerk Geurts via Pdns-users wrote: > Hi all, > > Had a look and the only thing I could find is that DoT apparently is enabled > when configuring PowerDNS-recursor with specific upstream servers on port 853. > > Being relatively new to DoT and DoH I’m trying to work out why I can’t > configure the recursor to listen to port 853 without configuring a specific > forwarder. It looks like this is possible for dnsdist, so why not recursor, > or am I missing something? Recursor 4.8 has a way to discover if an auth supports DoT. See https://blog.powerdns.com/2022/06/13/probing-dot-support-of-authoritative-servers-just-try-it/ Recursor has no incoming DoT or DoH, because it is easy to use dnsdist in front of Recursor for that. So there is little incentive to add that functionality to the Recursor itself. -Otto ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] DoT for recursor
Hi all, Had a look and the only thing I could find is that DoT apparently is enabled when configuring PowerDNS-recursor with specific upstream servers on port 853. Being relatively new to DoT and DoH I’m trying to work out why I can’t configure the recursor to listen to port 853 without configuring a specific forwarder. It looks like this is possible for dnsdist, so why not recursor, or am I missing something? -- Thanks, Djerk Geurts ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
