[dnsdist] DOH configuration issue

Chandra me at tgrthi.me
Sun Mar 19 15:54:19 UTC 2023

Hello all,

I am trying to configure DOH over HTTP and I can't seem to figure out what I'm doing wrong. I have an nginx proxying the incoming request and don't need it on HTTPS. Here's my config:

--- doh over http
setACL({"", "::/0"})

newServer({address="", pool="pub-unsafe-tier1",name="cloudflare"})
newServer({address="", pool="pub-unsafe-tier1",name="google"})
newServer({address="", pool="pub-safe-tier2",name="dnswatch1",checkInterval=60})
newServer({address="", pool="pub-safe-tier2",name="dnswatch2",checkInterval=60})

addDOHLocal("",nil,nil, "/dns-query", { reusePort=true, trustForwardedForHeader=true })

When testing on the  locally, here's what I get:

$ curl  -H 'accept: application/dns-message'  'http://localhost:9090/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB'

dns query not allowed

$ ...

Where am I going wrong?

