T-DNS server proxy


Tdns-server-proxy is a server-side DNS proxy that accepts connection-based (TCP/TLS) DNS queries from clients and forwards them to a recursive DNS server over UDP. Ideally, the recursive DNS server should run on the same host as this proxy. The proxy also forwards responses from the recursive DNS server back to the client over TCP/TLS. It can be paired with tdns-client-proxy to provide T-DNS features such as query pipelining and out-of-order responses. It tracks the current specification for DNS over TLS, draft-ietf-dprive-dns-over-tls-09, enabling direct TLS on port 853 by default, with TCP and STARTTLS as options. A man page (README.man in the package) describes how to use this proxy.
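The connection-to-UDP translation described above rests on the two-byte length prefix that RFC 1035 puts in front of every DNS message on a TCP (and therefore TLS) stream. The sketch below is an added example, not code from the tdns-server-proxy package, and is written in Python for brevity; the names `TcpDnsDeframer`, `frame`, `dns_id`, `make_query` and `demo` are hypothetical, and rejecting messages shorter than a DNS header is a choice made for this example.

```python
import struct


class TcpDnsDeframer:
    """Reassembles length-prefixed DNS messages from one TCP/TLS connection."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, data):
        """Add bytes read from the socket; return every complete DNS message."""
        self._buf += data
        messages = []
        while len(self._buf) >= 2:
            (length,) = struct.unpack_from("!H", self._buf, 0)
            if length < 12:
                # Shorter than a DNS header: malformed, caller drops the connection.
                raise ValueError("DNS message shorter than 12-byte header")
            if len(self._buf) < 2 + length:
                break  # partial message, wait for the next read
            messages.append(bytes(self._buf[2:2 + length]))
            del self._buf[:2 + length]
        return messages


def frame(message):
    """Length-prefix a UDP response for the TCP/TLS side (struct rejects > 65535)."""
    return struct.pack("!H", len(message)) + message


def dns_id(message):
    """Transaction ID (first two header bytes); matches responses to queries."""
    return struct.unpack_from("!H", message, 0)[0]


def make_query(txid):
    """Constructed sample query: header plus question for example.com A IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)


def demo():
    # Two pipelined queries arrive split across three socket reads.
    stream = frame(make_query(0x1111)) + frame(make_query(0x2222))
    deframer = TcpDnsDeframer()
    out = []
    for chunk in (stream[:1], stream[1:40], stream[40:]):
        out += deframer.feed(chunk)  # each message is one UDP datagram payload
    return [dns_id(m) for m in out]
```

Because each message keeps its own transaction ID through the UDP leg, responses can be framed and written back in whatever order the recursive server returns them.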

  • tdns-server-proxy-20151110.tar.gz (version 1.0.2, 2015-11-10); current release

    • use direct TLS and port 853 by default
    • TCP with STARTTLS as an option

  • tdns-server-proxy-20150529.tar.gz (version 1.0.1, 2015-05-29)

    • fix a bug in setting the listening IP address

  • tdns-server-proxy-20150528.tar.gz (version 1.0, 2015-05-28)

    • completely re-implement the proxy with libevent to better handle many concurrent connections
    • add support for incoming direct TLS connections
    • remove support for UDP queries
    • add support for persistent connections with a given timeout

  • tdns-server-proxy-20140402.tar.gz (version 0.1, 2014-04-02)

    • initial release
    • proof-of-concept

  • dns_proxy_20140227.tar.gz (version 0.0, 2014-02-27)

    This proxy is an early prototype of T-DNS. It requires manual configuration, does not track the current specification, and has been superseded by later releases.