On 2025/3/14 00:50, Havard Eidnes via Unbound-users wrote:
However, in the mean time I have come to the conclusion that there
may be a correlation between me enabling DoH and DoT and using RFC
9462 to direct clients which probe for _dns.resolver.arpa to use the
DoH and/or DoT endpoints on the one hand, and on the other hand what
really does look like a massive memory leak in unbound. If that is
true, which malloc() you use should not make much of a difference.
Maybe this is off-topic, I want to know that if you got the _dns.resolver.arpa
work in your environment.
I have the only device that use the RFC 9462 _dns.resolver.arpa thing is
Apple's iPhone. But I can never make the iPhone to use the DoH or DoT which is
specified in the _dns.resolver.arpa SVCB record.
Even I use Cloudflare's SVCB record iPhone still don't want to use it. I mean
iPhone queried _dns.resolver.arpa SVCB and one.one.one.one HTTPS/A/AAAA then
ignore. Maybe it tried to make a TLS connection to one.one.one.one then
disconnect and ignore.
_dns.resolver.arpa. IN SVCB 1 one.one.one.one. alpn="h2,h3" port=443
ipv4hint=1.1.1.1,1.0.0.1 ipv6hint=2606:4700:4700::1111,2606:4700:4700::1001
key7="/dns-query{?dns}"
Do you have any suggestion ?
Cowbay
