Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTPS records not returned #177

Closed
kuon opened this issue Jun 6, 2022 · 2 comments
Closed

HTTPS records not returned #177

kuon opened this issue Jun 6, 2022 · 2 comments

Comments

@kuon
Copy link

kuon commented Jun 6, 2022

If I do:

drill HTTPS ifconfig.io

I got the following output:

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 25097
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; ifconfig.io.	IN	A

;; ANSWER SECTION:
ifconfig.io.	232	IN	A	188.114.96.14
ifconfig.io.	232	IN	A	188.114.97.14

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 1 msec
;; SERVER: 10.11.1.1
;; WHEN: Mon Jun  6 23:07:47 2022
;; MSG SIZE  rcvd: 61

I expect the HTTPS record.

Same with dig:

dig HTTPS ifconfig.io


; <<>> DiG 9.18.2 <<>> HTTPS ifconfig.io
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25199
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ifconfig.io.			IN	HTTPS

;; ANSWER SECTION:
ifconfig.io.		300	IN	HTTPS	1 . alpn="h3,h3-29,h2" ipv4hint=188.114.96.14,188.114.97.14 ipv6hint=2a06:98c1:3120::e,2a06:98c1:3121::e

;; Query time: 20 msec
;; SERVER: 10.11.1.1#53(10.11.1.1) (UDP)
;; WHEN: Mon Jun 06 23:08:35 CEST 2022
;; MSG SIZE  rcvd: 119
wtoorop added a commit that referenced this issue Jun 9, 2022
@wtoorop
Enable compile of SVCB and HTTPS support by default
d34309f 
Since it is almost RFC. See also Issue #177
@wtoorop
Copy link
Member

wtoorop commented Jun 9, 2022
edited
Loading

Hi @kuon , you need to configure ldns with the --enable-rrtype-svcb-https before compiling to get SVCB and HTTPS support.
We do these configure flags for all features which are not RFC yet, because we don't want to expose things that are still in development and can still change.

However, since the draft is currently in the RFC editor queue, see https://www.rfc-editor.org/current_queue.php#draft-ietf-dnsop-svcb-https , I do think it is safe to have them configured by default now. I have committed that in d34309f

@wtoorop wtoorop closed this as completed Jun 9, 2022
@kuon
Copy link
Author

kuon commented Jun 9, 2022

Great. Thanks.

For information and reference, I came across HTTPS records because I was intercepting DNS requests for iOS devices (iPad) for ad blocking and it took me a while to understand why it wasn't working, that's because I was only intercepting A and AAAA requests, and the iPad already use HTTPS records. So it seems it is already widely deployed (at least on the client side).

@drmuey drmuey mentioned this issue May 20, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kuon @wtoorop