Fwd: DNS-over-HTTP Issue
Metin Akin
admin at metinakin.net
Mon Aug 4 16:53:24 UTC 2025
Hi all,
I'm trying to configure the internetsystemsconsortium/bind9:9.21 Docker image to act as a recursive DNS-over-HTTP server, as a backend to another frontend application that handles all of the HTTPS work from the client, but I couldn't make the server work properly even when making direct requests.
I activated port 553 to test it as a regular DNS handler and it works, but the DNS-over-HTTP feature does not work over port 8080. I'm sending a GET request in RFC 8484 format like this:
curl -H "Content-Type: application/dns-message" 'http://<MY_SERVER_IP>:8080/dns-query?dns=qqoBAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE'
This returns "curl: (1) Received HTTP/0.9 when not allowed"
When I try this one:
curl -H "Content-Type: application/dns-message" 'http://<MY_SERVER_IP>:8080/dns-query?dns=qqoBAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE' --http0.9 --output -
This returns d%
I have this named.conf file:
acl allowed_clients {
    <MY_IP>/32;
};
http doh {
    endpoints { "/dns-query"; };
};
options {
    directory "/var/cache/bind";
    interface-interval 0;
    listen-on port 553 { any; };
    listen-on port 8080 tls none http doh { any; };
    allow-query { allowed_clients; };
    allow-transfer { none; };
    allow-notify { none; };
    allow-update { none; };
    allow-recursion { allowed_clients; };
    recursion yes;
    auth-nxdomain no;
    dnssec-validation no;
};
logging {
    channel simple_log {
        stderr;
        severity info;
        print-time yes;
        print-severity yes;
        print-category yes;
    };
    category default {
        simple_log;
    };
};
Looking forward to your reply and thank you very much for your help in advance!
Metin
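
Added example, not part of the original post: the dns= value in the curl commands above is an unpadded base64url encoding of a DNS wire-format query, as RFC 8484 specifies for GET. The Python below decodes that exact value and rebuilds it; the function names are hypothetical and only the standard library is assumed.

```python
import base64
import struct

# dns= value copied from the curl command in the post above.
POSTED_PARAM = "qqoBAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE"

def b64url_decode(value):
    """RFC 8484 GET strips '=' padding; restore it before decoding."""
    return base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))

def parse_query(wire):
    """Parse the 12-byte DNS header and the first question of a query."""
    if len(wire) < 12:
        raise ValueError("shorter than a DNS header")
    ident, flags, qd, _an, _ns, _ar = struct.unpack("!6H", wire[:12])
    labels, pos = [], 12
    while True:
        if pos >= len(wire):
            raise ValueError("truncated QNAME")
        length = wire[pos]
        pos += 1
        if length == 0:          # root label ends the name
            break
        if length > 63 or pos + length > len(wire):
            raise ValueError("bad label length in QNAME")
        labels.append(wire[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(wire):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!2H", wire[pos:pos + 4])
    return {"id": ident, "rd": bool(flags & 0x0100), "qdcount": qd,
            "name": ".".join(labels), "qtype": qtype, "qclass": qclass}

def build_param(name, qtype=1, ident=0):
    """Build a dns= value for a recursive (RD=1) IN-class query.
    RFC 8484 recommends ID 0 for HTTP cache friendliness."""
    header = struct.pack("!6H", ident, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(part)]) + part.encode("ascii")
                     for part in name.strip(".").split(".")) + b"\x00"
    wire = header + qname + struct.pack("!2H", qtype, 1)
    return base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")

if __name__ == "__main__":
    print(parse_query(b64url_decode(POSTED_PARAM)))
    print(build_param("example.com"))
```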