[dns-operations] A dns-proxy for DNS over HTTP(s)

Paul Vixie paul at redbarn.org
Sun Sep 27 22:28:11 UTC 2015

Paul Vixie wrote:
> ...
> i wrote a gateway in C that can run on any posix systems (both the
> dns-stub side and the dns-recursive) side. it's on github, here:
> https://github.com/BII-Lab/DNSoverHTTP

after struggling with Apache for some long while now, i've brought up a
permanent DNS-over-HTTP service at proxy-dns.tisf.net. the IP addresses
(V6 and V4) are unlikely to change ("are safe to hard-code".)

i am now running the client side (proxy_dns_gw) on my laptop, and
tunneling all of my DNS traffic back to the server side (proxy_dns_fcgi)
even while on travel. it's clear text HTTP. just as likely to be blocked
by a national firewall, but a lot less likely to be side-jacked by a
hotel or coffeeshop exit gateway.

if you try this software, with or without also trying my server-side,
please let me know how it goes. this is the first software i've written
in years, and it was fun.

note that the Golang implementation of this protocol is currently not
compatible with this C one and therefore with my server for it. The
Golang implementation will be fixed by BII-Lab shortly.

Paul Vixie

More information about the dns-operations mailing list