[Pdns-users] DNS-over-TLS option
Otto Moerbeek
otto at drijf.net
Tue Nov 15 06:07:37 UTC 2022
On Tue, Nov 15, 2022 at 11:36:44AM +1300, Michael Hallager wrote:
> On 2022-11-14 19:29, Otto Moerbeek wrote:
>
> > The upgrade guide has pointers, but in this case there's also a blog
> > post:
> >
> > https://blog.powerdns.com/2022/06/13/probing-dot-support-of-authoritative-servers-just-try-it/
> >
> > More detains in:
> >
> > https://docs.powerdns.com/recursor/settings.html#max-busy-dot-probes
> > https://docs.powerdns.com/recursor/settings.html#dot-to-port-853
> > https://docs.powerdns.com/recursor/settings.html#dot-to-auth-names
>
> Thanks for this, Otto.
>
> It also needs an authoritative server which supports TLS. I see an option
> for this at compile time for PowerDNS but no obvious mention in the
> documents.
>
> Michael
The support on the authoritative side only enables DoT for the sdig
tool at the moment. A dnsdist in front of auth can provide incoming
DoT to an auth.
-Otto
More information about the Pdns-users
mailing list