DNSSEC support? - Githubissues

TuxInvader / nginx-dns

Sample Configuration for DNS over HTTPS (DoH/DoT gateway) and GSLB with NGINX

BSD 2-Clause "Simplified" License

194 stars 47 forks source link

DNSSEC support? #17

Open solracsf opened 1 year ago

solracsf commented 1 year ago

stream {
    upstream dot {
        zone dot 64k;
        server 1.1.1.1:853;
    }

    server {
        listen 853;
        proxy_ssl on;
        proxy_pass dot;
    }
}

# delv @127.0.0.1 -p 853 +tcp cloudflare.com
;; connection refused resolving 'cloudflare.com/DNSKEY/IN': 127.0.0.1#853
;; broken trust chain resolving 'cloudflare.com/A/IN': 127.0.0.1#853
;; resolution failed: broken trust chain