[dnsdist] dnsdist 1.5.1 doh + options bug ?
Winfried Angele
abang at t-ipnet.net
Tue Oct 6 04:23:16 UTC 2020
Hi Dave,
> { reusePort=True }
lua -e 'print(True) print(true)'
nil
true
In Lua some things are true but not <True>.
Winfried
On 06.10.20 02:14, Dave Knight via dnsdist wrote:
> Hello all,
>
> Recently started exploring dnsdist and joined the mail list just today.
>
> I'd been playing with DoT and DoH in 1.4.0 without problems. Since switching to 1.5.0 and now 1.5.1 I have problems with DoH.
>
> I did some fiddling in the config and found that DoH doesn't work for a listener configured where addDOHLocal has { options }.
>
> Is this a bug, or am I doing something stupid ? :-)
>
>
>
> Running on
>
> root at dnsdist-21vzgq2:# dnsdist --version
>
> dnsdist 1.5.1 (Lua 5.3.3)
> Enabled features: dns-over-tls(gnutls openssl) dns-over-https(DOH) ebpf fstrm ipcipher protobuf recvmmsg/sendmmsg systemd
>
> root at dnsdist-21vzgq2:# lsb_release -a
>
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description: Ubuntu 20.04.1 LTS
> Release: 20.04
> Codename: focal
>
>
> I scripted testing various config changes
>
> # for version in 1 2 3 4 ; do
> echo === $version ===
> echo
> ln -sf dnsdist.conf.${version} dnsdist.conf
> systemctl restart dnsdist
> cat dnsdist.conf
> echo
> doh -k www.example.com https://[::1]/dns-query
> echo
> done
>
> === 1 ===
>
> newServer({ address="8.8.8.8",
> qps=100000,
> useClientSubnet=true
> })
>
> setServerPolicy(firstAvailable)
>
> setACL({ '0.0.0.0/0', '::0/0' })
>
> addDOHLocal( '[::1]:443',
> '/etc/ssl/certs/bigalsfancydns.com.pem',
> '/etc/ssl/private/bigalsfancydns.com.key',
> { reusePort=True } )
>
> Probe for AAAA got response: 404
> Probe for A got response: 404
>
> === 2 ===
>
> newServer({ address="8.8.8.8",
> qps=100000,
> useClientSubnet=true
> })
>
> setServerPolicy(firstAvailable)
>
> setACL({ '0.0.0.0/0', '::0/0' })
>
> addDOHLocal( '[::1]:443',
> '/etc/ssl/certs/bigalsfancydns.com.pem',
> '/etc/ssl/private/bigalsfancydns.com.key',
> { reusePort=False } )
>
> Probe for AAAA got response: 404
> Probe for A got response: 404
>
> === 3 ===
>
> newServer({ address="8.8.8.8",
> qps=100000,
> useClientSubnet=true
> })
>
> setServerPolicy(firstAvailable)
>
> setACL({ '0.0.0.0/0', '::0/0' })
>
> addDOHLocal( '[::1]:443',
> '/etc/ssl/certs/bigalsfancydns.com.pem',
> '/etc/ssl/private/bigalsfancydns.com.key',
> { } )
>
> Probe for A got response: 404
> Probe for AAAA got response: 404
>
> === 4 ===
>
> newServer({ address="8.8.8.8",
> qps=100000,
> useClientSubnet=true
> })
>
> setServerPolicy(firstAvailable)
>
> setACL({ '0.0.0.0/0', '::0/0' })
>
> addDOHLocal( '[::1]:443',
> '/etc/ssl/certs/bigalsfancydns.com.pem',
> '/etc/ssl/private/bigalsfancydns.com.key' )
>
> [www.example.com]
> TTL: 20767 seconds
> A: 93.184.216.34
> AAAA: 2606:2800:0220:0001:0248:1893:25c8:1946
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
>
More information about the dnsdist
mailing list