Re: [Dnsmasq-discuss] dnsmasq (pihole) caching of HTTPS requested

Thu, 19 Jan 2023 03:09:29 -0800 

From a quick scan of the draft, this is not trivial.
It looks like one form of the record is effectively a re-implementation of CNAME, and all replies have lots of extra processing. It's not simply a case of adding the ability to store a new RRtype in the cache; replies to queries for that type have to include extra records in the additional section. That requires being able to do multiple upstream queries to answer one downstream query, or at least to cache all the results of an upstream query, on the basis that the upstream recursive resolver does the complicated stuff. Neither of these is architecturally possible in the current code. See section 4.2 of the draft for details. 


Cheers,

Simon.

On 19/01/2023 00:20, Dan Schaper via Dnsmasq-discuss wrote:

HTTPS is a valid resource record type. It's currently in draft status 
but it's used in the wild rather frequently.


https://developer.mozilla.org/en-US/docs/Glossary/https_rr

https://blog.cloudflare.com/speeding-up-https-and-http-3-negotiation-with-dns/

Best,
Dan


------ Original Message ------

From geo...@high-two.com

To "Gary Sakorafas" <gsakora...@gmail.com>
Cc dnsmasq-discuss@lists.thekelleys.org.uk
Date 1/18/2023 3:37:54 PM
Subject Re: [Dnsmasq-discuss] dnsmasq (pihole) caching of HTTPS requested


HTTPS is not a DNS record, so there is nothing to cache.

When you reference an URL, an HTTPS record, your system will have to
look up the system name to do that.  That system name is in a DNS A
record (or AAAA if you are using IPv6).

On Wed, Jan 18, 2023 at 06:24:12PM -0500, Gary Sakorafas wrote:

 hello team


 I was inquiring about pihole's lack of cache for HTTPS requests and 
they
 directed me to you.  As dnsmasq is used by pihole, is it possible to 
add

 caching for the HTTPS type?


 *dnsmasq can only cache A, AAAA, CNAME, DS, DNSKEY and SRV. For the 
three

 latter it already utilizes blockmemory and I think this should be
 extendable rather straightforward.*


--
-Mike
 Rident stolidi verba Latina.
                        -Ovid


_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss



_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss






















					Reply via email to