Unbound DNS over HTTPS Trouble
Jaap Akkerhuis
jaap at NLnetLabs.nl
Thu Jun 17 18:47:21 UTC 2021
"A. Schulze via Unbound-users" writes:
> Am 17.06.21 um 20:02 schrieb Aaron D. Gifford:
>
> >> Andreas
> > Hmmm, I'm using the FreeBSD prebuilt package from their port system. Let me see if I can find what libnghttp2 version it was built with. Ah, libnghttp2-1.43.0 is the FreeBSD prebuilt package it installed as a dependency.
>
> ok, then maybe the developers @nlnetlabs may help ...
According to the RFC, https://datatracker.ietf.org/doc/html/rfc8484#section-5.2
5.2. HTTP/2
HTTP/2 [RFC7540] is the minimum RECOMMENDED version of HTTP for use
with DoH.
The messages in classic UDP-based DNS [RFC1035] are inherently
unordered and have low overhead. A competitive HTTP transport needs
to support reordering, parallelism, priority, and header compression
to achieve similar performance. Those features were introduced to
HTTP in HTTP/2 [RFC7540]. Earlier versions of HTTP are capable of
conveying the semantic requirements of DoH but may result in very
poor performance.
No point into not following this recommendation.
jaap
More information about the Unbound-users
mailing list