[Dnsmasq-discuss] Caching of HTTPS and SVCB records

Evandro Menezes ebahapo at icloud.com
Fri Dec 8 18:44:41 UTC 2023 

Awesome!  This will make evaluating the caching of the HTTPS record much more easy.

Thank you, Dominik.

-- 
Evandro Menezes



> Em 7 de dez. de 2023, à(s) 21:35, Dominik Derigs <dl6er at dl6er.de> escreveu:
> 
> Hey Evandro,
> 
> chaching of arbitrary types has been added this year in March and is
> available in the latest master code (option --cache-rr). You can even
> add --cache-rr=ANY to cache all records.
> 
> See
> https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=638c7c4d20004c0f320820098e29df62a27dd2a1
> and
> https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=c244d92d8a3f96e3a16b53f733190faa17004ae3
> 
> and the corresponding man page entry:
> 
> --cache-rr=<rrtype>[,<rrtype>...]
> By default, dnsmasq caches A, AAAA, CNAME and SRV DNS record types.
> This option adds other record types to the cache. The RR-type can be
> given as a name such as TXT or MX or a decimal number. A single --cache-
> rr option can take a comma-separated list or RR-types and more than one
> --cache-rr option is allowed. Use --cache-rr=ANY to enable caching for
> all RR-types.
> 
> This feature is included in the current Pi-hole v6.0 beta testing to get
> a wide testing audience (it is enabled to cache ANY in Pi-hole) but more
> testing is always welcome!
> 
> Best,
> Dominik
> 
> On Thu, 2023-12-07 at 14:05 -0600, Evandro Menezes via Dnsmasq-discuss
> wrote:
>> Current OSes are now using the HTTPS record to query the addresses and the canonical name, as well other information important to browsers, rather than using the A and AAAA records as they used to.
>> 
>> In my anecdotal experience, HTTPS queries amount to over a third of the queries.  It might make sense to cache their replies, if not to decode them and also populate the cache with any information for A, AAAA and CNAME the they may contain.
>> 
>> Another record that is rising in usage in SVCB, primarily by browsers and IoT devices, to discover the DNS resolvers for DNS over HTTPS, DNS over TLS and DNS over QUIC.  Along with HTTPS, it would be interesting to add a configuration option for these records.
>> 
>> If these suggestions are considered worthwhile, I’d be glad to contribute patches.
>> 
>> Cheers,
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20231208/674b8a03/attachment.htm>

More information about the Dnsmasq-discuss mailing list