Hi Christoph, On 6/7/19 9:56 PM, Christoph wrote: >> This version [...] adds a new rule to route queries based on the >> incoming TLS Server Name Indication (SNI) value. > > Is this the first step towards supporting DoH and DoT on a single > IP:port and dnsdist will tell them apart via SNI? > > dot.example.com:443 > > doh.example.com:443 > > (both would resolve to the same IP)
It's a very nice idea, but I'm afraid it's unlikely to happen due to the fact that we use libh2o to handle incoming connections on DoH ports and not on DoT ones, so it would be hard to mix them. Best regards, -- Remi Gacogne PowerDNS.COM BV - https://www.powerdns.com/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist