mirror of https://github.com/minoplhy/DNSserver.git synced 2024-11-24 10:16:54 +00:00

My Personal Configuration for DNSserver using Haproxy or NGINX

Go to file

Minoplhy 2aeab8bf55 Create dnscrypt-proxy.toml		2021-01-11 20:04:32 +07:00
addition	check.http	2021-01-01 19:42:07 +07:00
client-conf	Create dnscrypt-proxy.toml	2021-01-11 20:04:32 +07:00
configuration	Create encrypted-dns.toml	2021-01-11 19:58:55 +07:00
filters	KeePass are blocked back again	2021-01-11 20:00:52 +07:00
bright.md	Create bright.md	2021-01-01 20:25:06 +07:00
download-filters.sh	Update download-filters.sh	2021-01-06 20:38:35 +07:00
README.md	quicik!	2021-01-02 22:04:04 +07:00

README.md

DOT DOH with haproxy

Mozilla ssl-config

!!! denylist.rpz and allowlist.rpz are made for my private use and will cause problem with some domain !!!

Query
           Dns-over-TLS
          --------------------->  Haproxy(Frontend)    ----------------------------->  Knot-resolver
   Cluster                         Listen(TCP/443/853)                                 Listen(Local/dns)
          --------------------->            (HTTP/443) -------> m13253/DOH   ------->
	   Dns-over-HTTPS                                       Listen(Local/http)

Server structure

    Server(or instances)
    |
    |----> Frontend-DOH (Haproxy 443 http TLS 1.3 strict-sni hdr/host/ ssl)
    |           |----> DOH (m13253/dns-over-https local)
    |                    |---------------------------------------------------------------| 
    |----> Frontend-DOT (Haproxy 443 853 tcp TLS 1.3 strict-sni ssl_fc_sni ssl)          v
                      |--------------------------------------------------------------> Dns Resolver (Knot-resolver dns local)

Recommendation

knot-resolver Recommend using upstream repository on debian
Download.sh Recommend if you want to download all the default filters used in kresd.conf(knot-resolver configuration)

Mirror / Fork

notabug.org