Somebody please explain PROXYv2 to me and the myriad of ways to do DoH?

submitted 5 months ago by Findmysec@infosec.pub

I've been looking to implement DoH

  1. The first idea was to simply follow this - I do not understand the configuration fully but it looked fine.
  2. Then, I decided to use a proxy/Load balancer in front of BIND to deal with HTTPS.

However, I came across PROXYv2 (which is not even mentioned in the docs, just in a blog post) and the likes of DNSdist.

My questions:

  1. I can't find a detailed explanation of what I need to do about PROXYv2 - does my Reverse-proxy absolutely need to have it to be able to communicate with my DNS server?
  2. Why can't I just have any reverse-proxy that can handle HTTPS and put it in front of my DNS resolver? Does my proxy need to have a specific protocol to be able to talk DNS queries?

I am still confused, would really appreciate some help :)

0

Log in to comment