unbound DoH behind nginx
Hauke Lampe
lampe at hauke-lampe.de
Mon Dec 13 22:04:30 UTC 2021
On 13.12.21 21:53, Emre Eryilmaz via Unbound-users wrote:
> proxy_http_version 1.1;
...
> unbound: [16302:0] debug: http2: session_recv from 172.x.x.x failed, error: Received bad client magic byte string
> So, I couldn't find error reason. What am I missing?
The problem might be that the nginx proxy talks HTTP 1.1 to unbound
while unbound expects encrypted HTTPS 2. Nginx doesn't support HTTP 2 on
the downstream connection.
I use dnsdist to proxy DOT and DOH, so I'm not quite sure how to
configure unbound to accept queries over plain HTTP instead of HTTPS/2.
A quick search in the manpage only turns up https-port:, no http-port:
Hauke.
More information about the Unbound-users
mailing list