From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTP id 4B7BA5A004F
	for <passt-dev@passt.top>; Wed, 24 Jul 2024 11:47:01 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1721814420;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=de/1mxcVTqE2nbik3Nan/bRdj3R8KiDuq1ZdQBw087E=;
	b=ONDFDFn3KLHL+gfKY+XtOlADOwOVxy+reY6lpxTbKVrc3jZa4kkClav4BE40qlQ9xD/SR8
	MO46RITejnJES65HPz8dDj1z5icCPe6zJK4Q5QgF/zIP59Xm7wSL0bgAqlTS3/vwauGvBA
	SgoY5sKKzZ6wgqvy7g+jVUR3PP9nD/A=
Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com
 [209.85.221.72]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-137-TzZ-UFEGNk-QoHAScMI7Mw-1; Wed, 24 Jul 2024 05:41:47 -0400
X-MC-Unique: TzZ-UFEGNk-QoHAScMI7Mw-1
Received: by mail-wr1-f72.google.com with SMTP id ffacd0b85a97d-36831948d94so3667856f8f.0
        for <passt-dev@passt.top>; Wed, 24 Jul 2024 02:41:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1721814106; x=1722418906;
        h=content-transfer-encoding:in-reply-to:from:content-language
         :references:to:subject:user-agent:mime-version:date:message-id
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=de/1mxcVTqE2nbik3Nan/bRdj3R8KiDuq1ZdQBw087E=;
        b=jQpN7zus0JB/fGgfMezMPyehS5xTrIjls2PFfk19DpJewJ3JaSKqsCf0MdFho4Gy3P
         kyySeqXgc3xicQzFdIChUieeHGcKQrraAedZjiLRmObnNYk9wLq4M5w3pWTmC0jf1gNP
         DEZWapYNBP2OI1XD980ZeUi2SswmLL7D3Fpd6Gy/d1qnDqgfaDqA+dxSPpfMlK4by4e0
         r4um/24NDUYc3I78fvRZgnlyWOFKaPkQdjb0goAEn6/pAb2sBy6yS1hEVI9VIpPc20a+
         oWh+5ByxLmrFsoQaZ9toHJxB2z40JejGyFzgK1eUSFNN5NYsoAH+AAB3/xlmzdenzWKE
         dJkg==
X-Forwarded-Encrypted: i=1; AJvYcCWv4fR1TXVAT3TRU6/Ry4OM5jkw1nXGxaJox1+Fj/2lHmRTfuqBUdhYJLadXDY0zG7cCqz8cJONvfLFxs1TZtyHzECn
X-Gm-Message-State: AOJu0Ywr9su5xLR8X/jpX5Rhiw7ISxfmfCAHSeT3Fyr4Ejx6CY6WIs6q
	GnujRo5QJATI9SkSJS1zDRdIsB+EvsqY1iAoTTUq/rqEMTjuhuvkOLiiWdfBDVEMjWTKLPc0hPt
	Duv0BlwzpfpK2r41YtDSXh8nePa2CwzPeYjK92QUUUFkjqlKAAw==
X-Received: by 2002:adf:cd05:0:b0:367:91d8:a1d2 with SMTP id ffacd0b85a97d-369f5b3467emr1120021f8f.30.1721814106091;
        Wed, 24 Jul 2024 02:41:46 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IEkC3rz2O/fXysr19T4FafGI5TB/JDjJl3ws4M0H+Ib1pPsq+KzmbMLVkEumXCoBmUYs4CvlA==
X-Received: by 2002:adf:cd05:0:b0:367:91d8:a1d2 with SMTP id ffacd0b85a97d-369f5b3467emr1120001f8f.30.1721814105640;
        Wed, 24 Jul 2024 02:41:45 -0700 (PDT)
Received: from [192.168.188.25] ([80.243.52.134])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3687868ac48sm13841078f8f.29.2024.07.24.02.41.44
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Wed, 24 Jul 2024 02:41:45 -0700 (PDT)
Message-ID: <9c98f64f-9c71-4f98-8d37-8456c85e89f6@redhat.com>
Date: Wed, 24 Jul 2024 11:41:44 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH v2 2/2] fwd: Broaden what we consider for DNS specific
 forwarding rules
To: David Gibson <david@gibson.dropbear.id.au>, passt-dev@passt.top,
 Stefano Brivio <sbrivio@redhat.com>
References: <20240724075112.1279868-1-david@gibson.dropbear.id.au>
 <20240724075112.1279868-3-david@gibson.dropbear.id.au>
From: Paul Holzinger <pholzing@redhat.com>
In-Reply-To: <20240724075112.1279868-3-david@gibson.dropbear.id.au>
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID-Hash: BJP6GEYVGOGOA5DJ5SOQPZZKO5KQUQ6X
X-Message-ID-Hash: BJP6GEYVGOGOA5DJ5SOQPZZKO5KQUQ6X
X-MailFrom: pholzing@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/9c98f64f-9c71-4f98-8d37-8456c85e89f6@redhat.com/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/BJP6GEYVGOGOA5DJ5SOQPZZKO5KQUQ6X/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

Hi,

On 24/07/2024 09:51, David Gibson wrote:
> passt/pasta has options to redirect DNS requests from the guest to a
> different server address on the host side.  Currently, however, only UDP
> packets to port 53 are considered "DNS requests".  This ignores DNS
> requests over TCP - less common, but certainly possible.  It also ignores
> encrypted DNS requests on port 853.
>
> Extend the DNS forwarding logic to handle both of those cases.
The question here is if it handles DoT should it handle DoH as well, 
i.e. https (443)?
>
> Link: https://github.com/containers/podman/issues/23239
>
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>

Tested-by: Paul Holzinger <pholzing@redhat.com>

I tested both dns over tcp and dns over tls with dig.

-- 
Paul