Dear Remi and Group,
this is only partially an dnsdist question, but probably some folks here might
have looked into this.
1. when trying out dnsmasq/stubby [1],[2] to tstart and later also to talk to a
DNSdist instance - seems to work fine from a newly rebuilt openwrt 18.06.02
root@OpenWrt:~# stubby
[13:33:12.016680] STUBBY: Read config from file /etc/stubby/stubby.yml
[13:33:12.016787] STUBBY: DNSSEC Validation is OFF
[13:33:12.016794] STUBBY: Transport list is:
[13:33:12.016797] STUBBY: - TLS
[13:33:12.016800] STUBBY: Privacy Usage Profile is Strict (Authentication
required)
[13:33:12.016804] STUBBY: (NOTE a Strict Profile only applies when TLS is the
ONLY transport!!)
[13:33:12.016807] STUBBY: Starting DAEMON....
Question are who is is running this running also with older OpenWRT…
a) does anyone have DNSdist working with a stubby built from a LEDE 17.01 [3]
box?
b) have you seen a working (and non-performance breakdown) way to install a
very simple binary openWRT package that allows DNS-over-TLS with DNSdist in a
silmilarly easy way as https_dns_proxy [3] does?
IIRC it can’t work with DNSdist becasue of DNSdist not supporting
application/dns-json as content type - or can DNSdist do that by some currently
not (yet?) published extension/config flag?
c) or is the only way to get this work on LEDE 17.01 using unbound [4] (nothing
to be said against unbound, except that there might be a simpler way)?
BR, Normen
[1] https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby
[2] https://openwrt.org/docs/guide-user/services/dns/dot_dnsmasq_stubby
[3] https://github.com/aarond10/https_dns_proxy
[4] https://openwrt.org/docs/guide-user/services/dns/dot_unbound
_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist