DoT forwarding from BIND9

Petr Menšík pemensik at redhat.com
Wed Dec 14 15:12:46 UTC 2022


Hello,

I tried to find a way to configure query forwarding over an encrypted
channel. But unlike zone transfers and notifications, I have not found a
way to configure query forwarding over DNS over TLS, even in the latest
9.18.9 version.

Have I looked wrong? Is there some important limit why this is not
straightforward to configure? Is there some architectural change needed
to be able to handle a high enough count of forwarded queries? I think
acting as a cache for a local network and forwarding queries over an
encrypted channel might be quite a common configuration.

But I have not found a way to specify TLS parameters for the forwarders
clause. Is there some reason for it? Is some important implementation
detail missing? I think unbound can forward queries over an
encrypted channel just fine. Is BIND able to configure the same thing?
Version 9.18 already has solid support for queries served over XoT. Is
it still missing the ability to forward queries?

Regards,
Petr

-- 
Petr Menšík
Software Engineer, RHEL
Red Hat, https://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB


