Somebody please explain PROXYv2 to me and the myriad of ways to do DoH?
submitted 5 months ago by Findmysec@infosec.pub
I've been looking to implement DoH:
- The first idea was to simply follow this - I do not understand the configuration fully but it looked fine.
- Then, I decided to use a proxy/load balancer in front of BIND to deal with HTTPS.
However, I came across PROXYv2 (which is not even mentioned in the docs, just in a blog post) and the likes of DNSdist.
My questions:
- I can't find a detailed explanation of what I need to do about PROXYv2 - does my reverse-proxy absolutely need to have it to be able to communicate with my DNS server?
- Why can't I just have any reverse-proxy that can handle HTTPS and put it in front of my DNS resolver? Does my proxy need to have a specific protocol to be able to talk DNS queries?
I am still confused, would really appreciate some help :)