Closed qrkourier closed 1 year ago
I believe intercept and hosting support for MX, TXT, and SRV records is present in both C-SDK and Go SDK tunnel implementations. This is activated by creating a Ziti service with a wildcard intercept address. The DNS queries for these record types are matched by the RNAME value of the query, parsed into a Ziti Edge message, received by the hosting tunnel with Bind permission, then resolved locally according to that host's default resolver configuration.
documenting this in https://github.com/openziti/ziti-doc/pull/619
ziti router
cannot currently answer SRV queries, which is essential for tunneling things like Kerberos authentication for Active Directory.