DNS Queries Using API - BIND9

Vadim Pavlov pvm_job at mail.ru
Mon May 11 06:37:06 UTC 2020

Good idea. It may work. I’m using Intra for 1.5 years (with my DNS) and actually didn’t try it likely my DoH “old” proxy probably doesn’t support it. 
With nginx it should be possible if these open source clients support it.
For Win/Mac/Linux there should be some open source DoH clients (backup will be using it just in browsers).

> On May 10, 2020, at 23:26, Daniel Stirnimann <daniel.stirnimann at switch.ch> wrote:
> On 11.05.20 08:18, Vadim Pavlov via bind-users wrote:
>> The main issue that bind does’t provide an authentication method. So in
>> any case you somehow should manage the access to the DNS server vice
>> versa it will became open resolver and will be used for DDoS attacks.
> If you were to use DoH, you could use Basic Authentication. The DoH URL
> you could configure on your client systems could be something like this:
> https://username:password@doh.example.com/dns-query
> Daniel

More information about the bind-users mailing list