On 19/01/2023 10:53, Simon Kelley wrote:
 From a quick scan of the draft, this is not trivial.

It looks like one form of the record is effectively a re-implementation of CNAME, and all replies have lots of extra processing. It's not simply a case of adding the ability to store a new RRtype in the cache; replies to queries for that type have to include extra records in the additional section. That requires being able to do multiple upstream queries to answer one downstream query, or at least to cache all the results of an upstream query, on the basis that the upstream recursive resolver does the complicated stuff. Neither of these is architecturally possible in the current code. See section 4.2 of the draft for details.


Addendum.

I just looked at the latest draft (11) rather than draft zero which was linked here. That makes it clear that the additional processing is optional, so simply caching SVCB records might be a usable option.


Opinions? I'm basing this on a 10 minute skim of the draft, does anyone have more information?

Simon.


Cheers,

Simon.

On 19/01/2023 00:20, Dan Schaper via Dnsmasq-discuss wrote:
HTTPS is a valid resource record type. It's currently in draft status but it's used in the wild rather frequently.

https://developer.mozilla.org/en-US/docs/Glossary/https_rr

https://blog.cloudflare.com/speeding-up-https-and-http-3-negotiation-with-dns/

Best,
Dan


------ Original Message ------
From geo...@high-two.com
To "Gary Sakorafas" <gsakora...@gmail.com>
Cc dnsmasq-discuss@lists.thekelleys.org.uk
Date 1/18/2023 3:37:54 PM
Subject Re: [Dnsmasq-discuss] dnsmasq (pihole) caching of HTTPS requested

HTTPS is not a DNS record, so there is nothing to cache.

When you reference a URL, an HTTPS record, your system will have to
look up the system name to do that.  That system name is in a DNS A
record (or AAAA if you are using IPv6).

On Wed, Jan 18, 2023 at 06:24:12PM -0500, Gary Sakorafas wrote:
 hello team

 I was inquiring about pihole's lack of cache for HTTPS requests and they
 directed me to you.  As dnsmasq is used by pihole, is it possible to add
 caching for the HTTPS type?

 *dnsmasq can only cache A, AAAA, CNAME, DS, DNSKEY and SRV. For the three
 latter it already utilizes blockmemory and I think this should be
 extendable rather straightforward.*

--
-Mike
 Rident stolidi verba Latina.
                        -Ovid

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
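
Added example, not part of the thread and not dnsmasq code: a bounds-checked validator for the RDATA of an SVCB (type 64) or HTTPS (type 65) record, following the wire layout in the SVCB/HTTPS draft discussed above (later published as RFC 9460). It shows the two forms the thread refers to: priority 0 is AliasMode, the CNAME-like form, and any other priority is ServiceMode. The names `parse_svcb`, `svcb_info`, `sample_alias` and `sample_service` are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Parsed view of one SVCB (type 64) / HTTPS (type 65) RDATA. */
struct svcb_info {
  uint16_t priority; /* 0 = AliasMode (the CNAME-like form), else ServiceMode */
  char target[256];  /* TargetName in presentation form, "." for the root */
  int nparams;       /* number of SvcParams seen */
};

/* Constructed sample RDATA (not captured traffic). */
const uint8_t sample_alias[] = /* 0 svc.example.net. */
  {0,0, 3,'s','v','c', 7,'e','x','a','m','p','l','e', 3,'n','e','t', 0};
const uint8_t sample_service[] = /* 1 . alpn=h2 */
  {0,1, 0, 0,1, 0,3, 2,'h','2'};

/* Returns 0 on success, -1 on malformed RDATA. Never reads past rd[len-1]. */
int parse_svcb(const uint8_t *rd, size_t len, struct svcb_info *out)
{
  size_t p = 2, t = 0;
  long prev = -1;

  if (len < 3) return -1;
  out->priority = (uint16_t)((rd[0] << 8) | rd[1]);
  out->nparams = 0;
  for (;;) { /* TargetName: uncompressed labels ending in a zero-length label */
    uint8_t l;
    if (p >= len) return -1;
    if ((l = rd[p++]) == 0) break;
    if (l > 63 || l > len - p || t + l + 1 >= sizeof out->target) return -1;
    memcpy(out->target + t, rd + p, l);
    t += l; p += l;
    out->target[t++] = '.';
  }
  if (t == 0) out->target[t++] = '.';
  out->target[t] = '\0';
  while (p < len) { /* SvcParams: key(2) length(2) value, keys strictly increasing */
    long key;
    size_t vlen;
    if (len - p < 4) return -1;
    key = (rd[p] << 8) | rd[p + 1];
    vlen = (size_t)((rd[p + 2] << 8) | rd[p + 3]);
    p += 4;
    if (key <= prev || vlen > len - p) return -1;
    prev = key; p += vlen; out->nparams++;
  }
  return 0;
}
```

A cache that stores the record without the optional additional-section processing only needs a check of this kind before keeping the RDATA as an opaque blob.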

