DNS BIND 9.18.0 版支援 DoT、DoH、XoT

BIND 9.18.0 – A New Stable Branch

• Support for securing DNS traffic using Transport Layer Security (TLS). TLS is used by both DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH).
• Support for zone transfers over TLS (XFR-over-TLS, XoT) for both incoming and outgoing zone transfers.
• The dig tool is now able to send DoT queries (+tls option).
• Support for OpenSSL 3.0 APIs was added.

用 dig 來驗證功能

DoH

dig ssorc.tw @8.8.8.8 +https

;; SERVER: 8.8.8.8#443(8.8.8.8) (HTTPS)

DoT

dig ssorc.tw @8.8.8.8 +tls

;; SERVER: 8.8.8.8#853(8.8.8.8) (TLS)