qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License

Feature request: DNS over HTTPS in Go to replace Unbound #137

Open qdm12 opened 4 years ago

qdm12 commented 4 years ago

We should adopt https://github.com/qdm12/dns/releases/tag/v2.0.0-rc5 even if it has no DNSSEC validation built in yet. Main reason being most domains are not DNSSEC secured, and so your DNS provider (cloudflare, google etc.) can lie about the records for these unsecured domains, even if you can securely prove these are unsecured. So not really a point so much, although this will be done (see https://github.com/qdm12/dns/pull/97)

This is blocked by an upgrade of the qdm12/gosettings library to v0.4.0-rc9

denizdogan commented 2 years ago

I just wanted to check in on the progress here! Are we there yet? 😄

qdm12 commented 2 years ago

It's still a work in progress at https://github.com/qdm12/dns/tree/v2.0.0-beta. I can't give an exact timeline, but it's almost done.

jcheroske commented 2 years ago

It would be great if a specific DoT server could be specified, and not just providers. Not sure if this is doable now, but I haven't been able to find it.

frepke commented 1 year ago

> It's still a work in progress at https://github.com/qdm12/dns/tree/v2.0.0-beta. I can't give an exact timeline, but it's almost done.

Hi Quentin, any information available? And can we expect an implementation in Gluetun when it's ready?

qdm12 commented 1 year ago

Can anyone try image qmcgaw/gluetun:pr-1742? It uses DNS over TLS in Go which I wrote with my own lil' fingers (arguably better than dns over https). Options should all be the same as before. The main difference is it doesn't do DNSSEC validation, which, after a lot of digging, turns out to be not that useful. I'll work on it though, but it doesn't feel like a blocking priority to drop Unbound.

This will allow a lot more options and customizations (even Prometheus metrics at some point, it's already in the dns server Go code).
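To make concrete what "DNS over TLS in Go" means in practice, here is an added example that is not code from this issue thread, from gluetun or from the qdm12/dns library: it builds a length-prefixed wire-format query by hand and points Go's own stub resolver at a single DoT server over TLS. The server address 1.1.1.1:853 and SNI cloudflare-dns.com are constructed assumptions for illustration, and, like the implementation discussed above, nothing here validates DNSSEC.

```go
package main

import (
	"context"
	"crypto/tls"
	"encoding/binary"
	"fmt"
	"net"
	"strings"
	"time"
)

// buildTCPQuery encodes one A-record query in DNS wire format (RFC 1035) and
// prefixes it with the two-byte length that DNS over TCP and DNS over TLS require (RFC 7858).
func buildTCPQuery(name string, id uint16) ([]byte, error) {
	msg := make([]byte, 12, 64)
	binary.BigEndian.PutUint16(msg[0:], id)
	binary.BigEndian.PutUint16(msg[2:], 0x0100) // flags: RD=1, everything else 0
	binary.BigEndian.PutUint16(msg[4:], 1)      // QDCOUNT=1; AN/NS/AR counts stay 0
	for _, label := range strings.Split(strings.TrimSuffix(name, "."), ".") {
		if len(label) == 0 || len(label) > 63 { // empty or oversized labels are invalid on the wire
			return nil, fmt.Errorf("invalid label %q in %q", label, name)
		}
		msg = append(msg, byte(len(label)))
		msg = append(msg, label...)
	}
	msg = append(msg, 0)          // root label terminates the name
	msg = append(msg, 0, 1, 0, 1) // QTYPE=A, QCLASS=IN
	out := make([]byte, 2+len(msg))
	binary.BigEndian.PutUint16(out, uint16(len(msg)))
	copy(out[2:], msg)
	return out, nil
}

// newDoTResolver returns a net.Resolver that sends every query to one DoT server over TLS,
// ignoring the nameservers from /etc/resolv.conf. Go's resolver uses stream (length-prefixed)
// framing automatically because a *tls.Conn is not a net.PacketConn. No DNSSEC validation is done.
func newDoTResolver(server, sni string) *net.Resolver {
	return &net.Resolver{
		PreferGo: true,
		Dial: func(ctx context.Context, _, _ string) (net.Conn, error) {
			d := tls.Dialer{NetDialer: &net.Dialer{Timeout: 5 * time.Second}, Config: &tls.Config{ServerName: sni, MinVersion: tls.VersionTLS12}}
			return d.DialContext(ctx, "tcp", server) // the certificate is verified against sni
		},
	}
}

func main() {
	fmt.Println(newDoTResolver("1.1.1.1:853", "cloudflare-dns.com").LookupIPAddr(context.Background(), "example.com"))
}
```

Running main needs network access; buildTCPQuery can be checked offline against the expected bytes.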

pduchnovsky commented 10 months ago

> Can anyone try image qmcgaw/gluetun:pr-1742? It uses DNS over TLS in Go which I wrote with my own lil' fingers (arguably better than dns over https). Options should all be the same as before. The main difference is it doesn't do DNSSEC validation, which, after a lot of digging, turns out to be not that useful. I'll work on it though, but it doesn't feel like a blocking priority to drop Unbound.
>
> This will allow a lot more options and customizations (even Prometheus metrics at some point, it's already in the dns server Go code).

What needs to be tested exactly? Also, how safe is it to test this version in 'production' at this stage? :D Also, this would bring no improvement for people using DOT=off with DNS_PLAINTEXT_ADDRESS=, right? I am experiencing huge spikes in memory usage even with these settings, so I was looking for a solution; even with 1500 mem limits gluetun reaches max memory and gets killed off, breaking remaining connections etc. :/ This is with 50MB/s usage.

gaby commented 8 months ago

@qdm12 Why not use CoreDNS? That way people can use their Corefile and also get access to all the functionality of CoreDNS. It's based on Go.

github-actions[bot] commented 3 months ago

Closed issues are NOT monitored, so commenting here is likely to be not seen. If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment set up because @qdm12 is the sole maintainer of this project, which became too popular to monitor closed issues.


qdm12 commented 2 weeks ago

Re-opening because the implementation is not supporting DNS over HTTPS yet (the dns library does, but the gluetun code was not adapted yet).