Hi Remi,
On Thu, 2 Oct 2025 10:40:38 +0200 Remi Gacogne via dnsdist wrote:
It seemed to us that the URLs parameter, which can be used to configure
the HTTP paths dnsdist will accept DNS queries on, was causing a lot of
confusion, so we decided to just accept DNS queries on all paths for DoH3.
Got it and that makes sense. Maybe worth updating the docs to mention
this important detail?
I never used that parameter to configure alternative paths for DNS
queries though,
but merely for the redirect, because I thought it was needed, based on
reading this:
https://mailman.powerdns.com/pipermail/dnsdist/2019-September/000685.html
I don't think this is related to the urls parameter, wouldn't you rather
happen to have a response map [1][2] for DoH handling the redirect?
Yes.
But isn't the urls parameter needed to make that work?
In my configuration I have this:
{ '/.well-known/security.txt', '/dns-query' }
When I leave out the '/.well-known/security.txt' part, the response map
I defined stops working.
I guess that’s where the confusion on my part arose, but in the case of
addDOH3Local,
where there is no longer a urls parameter things may be different.
So yes, Indeed the core of my question was the need for a response map
feature.
Response map support hasn't been implemented for DoH3 yet, and seems
there was no feature request for it in our tracker I just created it [3].
Oh, that's nice - many thanks!
I may have a suggestion for that as well:
Since newDOHResponseMapEntry accepts a regex I was wondering...
Wouldn't it be cool if we could reference the match from a regex (e.g.
$1) in the content string, if at all possible to do?
That way, we could use the dynamic part of the URL (e.g. the token in an
ACME challenge request)
in a response.
Like this for example:
`^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$`
content string:
https://example.nl/.well-known/acme-challenge/$1
Perhaps there are other possible use cases as well.
Hope that makes sense.
--
Marco
_______________________________________________
dnsdist mailing list
[email protected]
https://mailman.powerdns.com/mailman/listinfo/dnsdist
