[Pdns-users] DoT for recursor
Djerk Geurts
djerk at maizymoo.com
Tue May 9 13:20:18 UTC 2023
Hi Otto,
Thank you, good to know. I use dnsdist at my clients but am working on my lab at the moment where I don’t yet have have dnsdist deployed.
--
Djerk Geurts
> On 9 May 2023, at 13:47, Otto Moerbeek <otto at drijf.net> wrote:
>
> On Tue, May 09, 2023 at 01:34:51PM +0100, Djerk Geurts via Pdns-users wrote:
>
>> Hi all,
>>
>> Had a look and the only thing I could find is that DoT apparently is enabled when configuring PowerDNS-recursor with specific upstream servers on port 853.
>>
>> Being relatively new to DoT and DoH I’m trying to work out why I can’t configure the recursor to listen to port 853 without configuring a specific forwarder. It looks like this is possible for dnsdist, so why not recursor, or am I missing something?
>
> Recursor 4.8 has a way to discover if an auth supports DoT. See
> https://blog.powerdns.com/2022/06/13/probing-dot-support-of-authoritative-servers-just-try-it/
>
> Recursor has no incoming DoT or DoH, because it is easy to use dnsdist
> in front of Recursor for that. So there is little incentive to add
> that functionality to the Recursor itself.
>
> -Otto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20230509/827b9dd0/attachment.htm>
More information about the Pdns-users
mailing list