[dnsdist] DoT/TCP model question

Remi Gacogne remi.gacogne at powerdns.com
Fri Jan 15 13:13:17 UTC 2021


Hi Kevin,

On 1/15/21 1:37 PM, dbgong--- via dnsdist wrote:
> In the DoT and TCP model, dnsdist only issues a TCP query to the
> backend server. And there is no way to configure it to send a UDP
> query to the backend server. Is this a feature or a bug?

Forwarding queries received over TCP and DoT to the backend over TCP is
a design choice. We might at some point implement the ability to decide
whether you want queries forwarded over UDP or TCP, regardless of the
incoming protocol, but it goes with a lot of surprises and headaches
regarding EDNS payload size and truncation, at the very least.

We made a different choice for DoH based on the fact that at the moment
DoH clients are always regular clients, with up-to-date implementations,
but even that proved to be painful as well.


Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
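
Added example, not part of the original message and not dnsdist code: a Python sketch of why forwarding a TCP/DoT query to the backend over UDP interacts with EDNS payload size and truncation. It assumes standard DNS behaviour (512-byte UDP limit without EDNS, the OPT record's CLASS field as the advertised UDP size); the function names and the sample query are constructed for illustration.

```python
import struct

def build_query(qname, edns_size=None):
    """Constructed sample input: a minimal A query, optionally with an EDNS OPT record."""
    arcount = 1 if edns_size is not None else 0
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, arcount)
    labels = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\x00"
    question = labels + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    opt = b""
    if edns_size is not None:
        # OPT RR: root name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLEN=0
        opt = b"\x00" + struct.pack("!HHIH", 41, edns_size, 0, 0)
    return header + question + opt

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: two bytes, name ends
            return off + 2
        off += 1
        if length == 0:                # root label: name ends
            return off
        off += length

def udp_payload_limit(query):
    """Largest UDP response the query allows: OPT CLASS (at least 512), else 512."""
    qd, an, ns, ar = struct.unpack("!HHHH", query[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(query, off) + 4          # skip QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(query, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", query[off:off + 10])
        off += 10 + rdlen
        if rtype == 41:                          # OPT pseudo-record
            return max(rclass, 512)              # sizes below 512 count as 512
    return 512

def backend_outcome(query, response_len, transport):
    """What the proxy gets back for a response of response_len bytes."""
    if transport == "tcp":
        return "full"                            # TCP carries up to 65535 bytes
    # Over UDP the backend sets TC=1 once the response exceeds the limit,
    # so the proxy would have to retry over TCP before answering its TCP client.
    return "full" if response_len <= udp_payload_limit(query) else "truncated"
```

A client that connected over TCP or DoT may send no OPT record at all, or one with a small size, because the UDP limit is irrelevant to it; forwarded unchanged over UDP, that same query caps the backend's answer at the advertised size.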

