Remi Gacogne
Remi Gacogne
I'm going to postpone this once more. I have been thinking about a different packet-cache design for 1.10 that would make this kind of operation much cheaper anyway.
dnsdist does terminate TLS, but it does not generate the answer. So adding the padding in dnsdist would mean more work parsing the answer sent by the client to get...
I really should clarify that if someone wants EDNS padding to happen in dnsdist strongly enough to write the code, we would gladly accept that pull request :)
> Sounds fine to me, but based on our observation this does not happen in PROXYv2 coming from dnsdist, contrary to e.g. haproxy. > > That is, unless we're to...
I'm tentatively moving this FR to the 1.10 milestone so we can re-evaluate, but please be aware that this is not a promise. DNSdist 1.9 is now adding the proxy...
Makes sense to me! Note that you should be able to use the numerical value in most places in the meantime.
> Ok, no laziness ... even it is straightforward, good attitude! We have learned over the years that anything that is not automatically tested will end up broken at some...
I was wondering how the Lua configuration code handled this, because the frontend code that is called later does not seem to expect additional addresses to exist for UDP at...
I finally had the time to look into this, and I don't think there would be much to gain for UDP-based protocols (including DoQ and DoH3), but I think it...
I have working code for DoQ and DoH3, which is already a bit too complex to my liking to be included in 2.0.x, and looking at the UDP code it...