Hi, > Need help with the COPR packages for BIND, they don’t seem to have DOH > enabled / working
That's not the case, DNS-over-HTTPS should work just fine with our Copr packages. > Should have: compiled with DNS-over-HTTPS > It does not no? DNS-over-HTTPS support in BIND 9 is implemented using libnghttp2, which is visible in your "named -V" output. > [root@ip-172-31-19-151 knot-3.1.7]# curl -H 'accept: application/dns-message' > -H 'content-type: application/dns-message' --data-binary @query.bin > http://127.0.0.1/dns-query --output response.bin > % Total % Received % Xferd Average Speed Time Time Time > Current > Dload Upload Total Spent Left Speed > 100 29 0 0 100 29 0 3622 --:--:-- --:--:-- --:--:-- 4142 > curl: (1) Received HTTP/0.9 when not allowed > > [root@ip-172-31-19-151 knot-3.1.7]# curl --http0.9 -H 'accept: > application/dns-message' -H 'content-type: application/dns-message' > --data-binary @query.bin http://127.0.0.1/dns-query --output response.bin > % Total % Received % Xferd Average Speed Time Time Time > Current > Dload Upload Total Spent Left Speed > > 100 44 0 15 100 29 27027 52252 --:--:-- --:--:-- --:--:-- 44000 > > > It looks like BIND is: > > * Receiving the request on port 80 > * But not routing /dns-query to the DNS-over-HTTPS handler > * And instead replying with a default, empty (or internal error) response > — possibly from the wrong handler entirely > Im guessing this is because DOH is not actually compiled into this build? > These builds had DOH compiled in the past, appreciate any insights. curl defaults to sending HTTP/1.1 requests for HTTP URLs. BIND 9 does not support HTTP/1.1 for DNS-over-HTTPS; HTTP/2 is the minimum. For testing purposes, you're probably looking for "dig +http-plain". If you need to use curl, look at --http2-prior-knowledge. -- Best regards, Michał Kępień -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
