BETA: new feature: dns-over-tls record validation
Pre-release
Pre-release
Hi folks!
This is pre-release because not all features for dns-over-tls has been implemented. Stay tuned!
What actually changed:
- this and future releases by default requires
openssl
, but you can get rid of it - small fix for parallel iterators - removed one collect. Should be faster then.
- validate your records for ip or cname by dns-over-tls with dnseec, controlled by cli arg
--dns [yes/no]
default no
Note that:
- For some reason dot queries are slow... Like ~600 records per 1.5 minute. Needs investigation
- There are inbuilt non-logging, uncensored, privacy friendly dot servers +(cloudflare and quad9), 16 in total.
/etc/resolv.conf
or any other system dns conf is not respected- Regression with DragonflyBSD builds, as trust-dns-resolver bumped msrv
Full release will contain:
- User-defined dot servers
- Query speedup (hopefully)
- New option for only log-generating while dns validation, without rejecting.