<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hi,</p>
<p>I intend to access dnsdist via DoH with an Apache reverse proxy,
but first I can't get dnsdist to respond to queries:</p>
<blockquote type="cite">➜ ~ dig -t aaaa powerdns.com @127.0.0.1 -p
5300 +short +nocookie<br>
;; communications error to 127.0.0.1#5300: connection refused<br>
;; communications error to 127.0.0.1#5300: connection refused<br>
;; communications error to 127.0.0.1#5300: connection refused<br>
<br>
; <<>> DiG 9.20.15-1~deb13u1-Debian <<>>
-t aaaa powerdns.com @127.0.0.1 -p 5300 +short +nocookie<br>
;; global options: +cmd<br>
;; no servers could be reached</blockquote>
<p>Here is my dnsdist.conf:</p>
<blockquote type="cite">-- disable security status polling via DNS<br>
setSecurityPollSuffix("")<br>
<br>
setACL("127.0.0.1/8")<br>
<br>
-- Define upstream DNS server (Pi-hole)<br>
newServer({address="192.168.0.26:53", name="Pi2-hole",
checkInterval=60, mustResolve=true})<br>
newServer({address="192.168.0.24:53", name="Pi1-hole",
checkInterval=60, mustResolve=true})<br>
<br>
-- Set the load balancing policy<br>
setServerPolicy(roundrobin)<br>
<br>
-- Create local DOH server listener in DNS over HTTP mode,
otherwise the information coming from nginx won't be processed
well<br>
addDOHLocal("127.0.0.1:5300", nil, nil, "/dns-query",
{reusePort=true, trustForwardedForHeader=false,
keepIncomingHeaders=true})<br>
</blockquote>
<p>dnsdist is listening on port 5300 though:</p>
<blockquote type="cite">➜ ~ sudo netstat -tapn | grep 5300
<br>
tcp 0 0 127.0.0.1:5300 0.0.0.0:*
LISTEN 508356/dnsdist</blockquote>
<p>What is my mistake here?</p>
<pre class="moz-signature" cols="72">--
ROGER Vincent</pre>
</body>
</html>