[dnsdist] Choices to use DoT/DoH with DNSdist from OpenWRT 17.01?
nbkowalewski at gmx.net
Thu Aug 22 13:06:48 UTC 2019
Dear Remi and Group,
this is only partially an dnsdist question, but probably some folks here might have looked into this.
1. when trying out dnsmasq/stubby , to tstart and later also to talk to a DNSdist instance - seems to work fine from a newly rebuilt openwrt 18.06.02
root at OpenWrt:~# stubby
[13:33:12.016680] STUBBY: Read config from file /etc/stubby/stubby.yml
[13:33:12.016787] STUBBY: DNSSEC Validation is OFF
[13:33:12.016794] STUBBY: Transport list is:
[13:33:12.016797] STUBBY: - TLS
[13:33:12.016800] STUBBY: Privacy Usage Profile is Strict (Authentication required)
[13:33:12.016804] STUBBY: (NOTE a Strict Profile only applies when TLS is the ONLY transport!!)
[13:33:12.016807] STUBBY: Starting DAEMON....
Question are who is is running this running also with older OpenWRTâ¦
a) does anyone have DNSdist working with a stubby built from a LEDE 17.01  box?
b) have you seen a working (and non-performance breakdown) way to install a very simple binary openWRT package that allows DNS-over-TLS with DNSdist in a silmilarly easy way as https_dns_proxy  does?
IIRC it canât work with DNSdist becasue of DNSdist not supporting application/dns-json as content type - or can DNSdist do that by some currently not (yet?) published extension/config flag?
c) or is the only way to get this work on LEDE 17.01 using unbound  (nothing to be said against unbound, except that there might be a simpler way)?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dnsdist