Add support for DNS-over-HTTPS resolver

author: Martin Polden <mpolden@mpolden.no> 2019-12-27 21:18:01 +0100
committer: Martin Polden <mpolden@mpolden.no> 2019-12-27 21:22:02 +0100
commit: 9de57a7ae6c708caf50fccb10b567e82d676b3c8 (patch)
tree: 3c0c818803020fd90d31ec037bcbf55cb3fd43c7 /zdnsrc
parent: 2bf84ab1138095f812600051134f12e10d120bd1 (diff)
1 files changed, 15 insertions, 5 deletions
diff --git a/zdnsrc b/zdnsrc
index f1f51cb..90b9ea9 100644
--- a/zdnsrc
+++ b/zdnsrc
@@ -28,6 +28,12 @@
 #   "1.1.1.1:853",
 #   "1.0.0.1:853",
 # ]
+#
+# Or using DNS-over-HTTPS:
+#
+# resolvers = [
+#   "https://cloudflare-dns.com/dns-query",
+# ]
 
 # Configure how to answer hijacked DNS requests.
 #
@@ -66,11 +72,15 @@
 # listen_http = "127.0.0.1:8053"
 
 [resolver]
-# Set the protocol to use when sending requests to upstream resolvers. Support protocols:
-#
-# tcp-tls: Use encrypted protocol (DNS-over-TLS). Note that the configured upstream resolvers must support this protocol.
-# udp: Plain DNS over UDP.
-# tcp: Plain DNS over TCP.
+# Set the protocol to use when sending requests to upstream resolvers. Supported protocols:
+#
+# tcp-tls: DNS over TLS (encrypted). Note that the upstream resolver must
+#          support this protocol.
+# https:   DNS over HTTPS (encrypted). Only recommended for networks where tcp-tls
+#          does not work, due to e.g. aggressive firewalls. Note that the upstream
+#          resolver must support this protocol.
+# udp:     DNS over UDP (plaintext).
+# tcp:     DNS over TCP (plaintext).
 #
 # protocol = "tcp-tls"
author	Martin Polden <mpolden@mpolden.no>	2019-12-27 21:18:01 +0100
committer	Martin Polden <mpolden@mpolden.no>	2019-12-27 21:22:02 +0100
commit	9de57a7ae6c708caf50fccb10b567e82d676b3c8 (patch)
tree	3c0c818803020fd90d31ec037bcbf55cb3fd43c7 /zdnsrc
parent	2bf84ab1138095f812600051134f12e10d120bd1 (diff)