[GH-ISSUE #1687] DNS-over-QUIC (DoQ) does not work with dns.adguard.com #736

New issue

Closed

opened 2026-03-16 00:03:27 +03:00 by kerem · 9 comments

kerem commented 2026-03-16 00:03:27 +03:00

Owner

Copy link

Originally created by @bluejekyll on GitHub (Apr 8, 2022).
Original GitHub issue: https://github.com/hickory-dns/hickory-dns/issues/1687

Describe the bug
When using DoQ for queries, the QUIC protocol errors with:

; using quic:94.140.14.14:853 dns_name:dns.adguard.com
; sending query: www.example.com. IN SOA
[2022-04-08T19:06:28Z DEBUG trust_dns_proto::xfer::dns_handle] querying: www.example.com. SOA
[2022-04-08T19:06:28Z DEBUG trust_dns_proto::xfer] enqueueing message:QUERY:[Query { name: Name("www.example.com."), query_type: SOA, query_class: IN, mdns_unicast_response: false }]
[2022-04-08T19:06:28Z DEBUG trust_dns_proto::quic::quic_stream] received packet len: 44 bytes: b"\0\0\x01\0\0\x01\0\0\0\0\0\x01\x03www\x07example\x03com\0\0\x06\0\x01\0\0)\x04\xd0\0\0\0\0\0\0"
Error: Error { kind: Proto(ProtoError { kind: QuinnReadError(FinishedEarly), backtrack: None }), backtrack: None }

To Reproduce
The current easiest way to reproduce this is to use the new dns utility from the project, see trust-dns-client-cli:

cargo run --all-features --bin dns -- --debug -p quic -t dns.adguard.com -n 94.140.14.14:853 query www.example.com. SOA

edit: it appears that adguard may require a custom ALPN, doq-i02, as opposed to the RFC's ALPN of doq, the proper command for that is, but has the same result:

cargo run --all-features --bin dns -- --debug -p quic -t dns.adguard.com -n 94.140.14.14:853 -a doq-i02 query www.example.com. SOA

Expected behavior
Correct behavior with DoH can be seen with the same server:

$> cargo run --all-features --bin dns -- --debug -p https -t dns.adguard.com -n 94.140.14.14:443 query www.example.com. SOA
    Finished dev [unoptimized + debuginfo] target(s) in 0.13s
     Running `target/debug/dns --debug -p https -t dns.adguard.com -n '94.140.14.14:443' query www.example.com. SOA`
; using https:94.140.14.14:443 dns_name:dns.adguard.com
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] tcp connecting to: 94.140.14.14:443
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] tcp connection established to: 94.140.14.14:443
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] tls connection established to: 94.140.14.14:443
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] h2 connection established to: 94.140.14.14:443
; sending query: www.example.com. IN SOA
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::xfer::dns_handle] querying: www.example.com. SOA
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::xfer] enqueueing message:QUERY:[Query { name: Name("www.example.com."), query_type: SOA, query_class: IN, mdns_unicast_response: false }]
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] request: Request {
        method: POST,
        uri: https://dns.adguard.com/dns-query,
        version: HTTP/2.0,
        headers: {
            "content-type": "application/dns-message",
            "accept": "application/dns-message",
            "content-length": "44",
        },
        body: (),
    }
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] got response: Response {
        status: 200,
        version: HTTP/2.0,
        headers: {
            "cache-control": "max-age=1887.000000",
            "content-type": "application/dns-message",
            "content-length": "120",
            "date": "Fri, 08 Apr 2022 20:16:35 GMT",
        },
        body: RecvStream {
            inner: FlowControl {
                inner: OpaqueStreamRef {
                    stream_id: StreamId(
                        1,
                    ),
                    ref_count: 2,
                },
            },
        },
    }
[2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] got bytes: 120
; received response
; header 0:RD,RA:NoError:QUERY:0/1/1
; edns version: 0 dnssec_ok: false max_payload: 1232 opts: 0
; query
;; name: www.example.com. type: SOA class: IN mdns_unicast_response: false
; answers 0
; nameservers 1
example.com. 1887 IN SOA ns.icann.org. noc.dns.icann.org. 2022040401 7200 3600 1209600 3600
; additionals 1

Version:
Trust-DNS on up-to-date branch trust-dns-client-cli
Quinn version 0.8.2

Additional context

I've also be testing against a different DoQ service setup, which has fewer details, though I have more logs. It appears that the remote is seeing the stream as "finished" before the client has sent all logs. From that server, there are these logs:

86860b5992ac0deb: T= 0.158073, cwin: 15360,flight: 1591,nb_ret: 0,rtt_min: 156641,rtt: 156689,rtt_var: 44098,max_ack_delay: 0,state: 14
86860b5992ac0deb: Receiving 80 bytes from 192.184.128.105:51361 at T=0.158096 (5dc273b6a918a)
86860b5992ac0deb: Receiving packet type: 6 (1rtt protected), S1, Q1,
86860b5992ac0deb:     <fc83ee005bf9a5a7>, Seq: 2 (2), Phi: 0,
86860b5992ac0deb:     Decrypted 54 bytes
86860b5992ac0deb:     ACK (nb=0), 0
86860b5992ac0deb:     Stream 0, offset 0, length 46, fin = 1: 2c00000001000001...

86860b5992ac0deb: Quicdoq: Stream FIN before query was received fully on stream  #0.

86860b5992ac0deb: Data callback (1, l=46) on stream 0 returns error 0x1
86860b5992ac0deb: Protocol error 0x1
86860b5992ac0deb: T= 0.158096, cwin: 15360,flight: 1591,nb_ret: 0,rtt_min: 156641,rtt: 156689,rtt_var: 44098,max_ack_delay: 0,state: 15

Notice the "Stream FIN before query was received.

In the code we have this structure for sending quic packets:

github.com/bluejekyll/trust-dns@e6ab219f81/crates/proto/src/quic/quic_client_stream.rs (L58-L74)

Which appears to follow the RFC:

https://www.ietf.org/archive/id/draft-ietf-dprive-dnsoquic-11.html#name-stream-mapping-and-usage

@Ralith or @djc not sure if this looks familiar to you?

I'm not sure if these issues would have anything to do with the compatibility tests here: https://interop.seemann.io/
https://github.com/private-octopus/quicdoq

Originally created by @bluejekyll on GitHub (Apr 8, 2022). Original GitHub issue: https://github.com/hickory-dns/hickory-dns/issues/1687 **Describe the bug** When using DoQ for queries, the QUIC protocol errors with: ```shell ; using quic:94.140.14.14:853 dns_name:dns.adguard.com ; sending query: www.example.com. IN SOA [2022-04-08T19:06:28Z DEBUG trust_dns_proto::xfer::dns_handle] querying: www.example.com. SOA [2022-04-08T19:06:28Z DEBUG trust_dns_proto::xfer] enqueueing message:QUERY:[Query { name: Name("www.example.com."), query_type: SOA, query_class: IN, mdns_unicast_response: false }] [2022-04-08T19:06:28Z DEBUG trust_dns_proto::quic::quic_stream] received packet len: 44 bytes: b"\0\0\x01\0\0\x01\0\0\0\0\0\x01\x03www\x07example\x03com\0\0\x06\0\x01\0\0)\x04\xd0\0\0\0\0\0\0" Error: Error { kind: Proto(ProtoError { kind: QuinnReadError(FinishedEarly), backtrack: None }), backtrack: None } ``` **To Reproduce** The current easiest way to reproduce this is to use the new `dns` utility from the project, see [trust-dns-client-cli](https://github.com/bluejekyll/trust-dns/tree/trust-dns-client-cli): `cargo run --all-features --bin dns -- --debug -p quic -t dns.adguard.com -n 94.140.14.14:853 query www.example.com. SOA` edit: it appears that adguard may require a custom ALPN, `doq-i02`, as opposed to the RFC's ALPN of `doq`, the proper command for that is, but has the same result: `cargo run --all-features --bin dns -- --debug -p quic -t dns.adguard.com -n 94.140.14.14:853 -a doq-i02 query www.example.com. SOA` **Expected behavior** Correct behavior with DoH can be seen with the same server: ```shell $> cargo run --all-features --bin dns -- --debug -p https -t dns.adguard.com -n 94.140.14.14:443 query www.example.com. SOA Finished dev [unoptimized + debuginfo] target(s) in 0.13s Running `target/debug/dns --debug -p https -t dns.adguard.com -n '94.140.14.14:443' query www.example.com. SOA` ; using https:94.140.14.14:443 dns_name:dns.adguard.com [2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] tcp connecting to: 94.140.14.14:443 [2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] tcp connection established to: 94.140.14.14:443 [2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] tls connection established to: 94.140.14.14:443 [2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] h2 connection established to: 94.140.14.14:443 ; sending query: www.example.com. IN SOA [2022-04-08T20:16:35Z DEBUG trust_dns_proto::xfer::dns_handle] querying: www.example.com. SOA [2022-04-08T20:16:35Z DEBUG trust_dns_proto::xfer] enqueueing message:QUERY:[Query { name: Name("www.example.com."), query_type: SOA, query_class: IN, mdns_unicast_response: false }] [2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] request: Request { method: POST, uri: https://dns.adguard.com/dns-query, version: HTTP/2.0, headers: { "content-type": "application/dns-message", "accept": "application/dns-message", "content-length": "44", }, body: (), } [2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] got response: Response { status: 200, version: HTTP/2.0, headers: { "cache-control": "max-age=1887.000000", "content-type": "application/dns-message", "content-length": "120", "date": "Fri, 08 Apr 2022 20:16:35 GMT", }, body: RecvStream { inner: FlowControl { inner: OpaqueStreamRef { stream_id: StreamId( 1, ), ref_count: 2, }, }, }, } [2022-04-08T20:16:35Z DEBUG trust_dns_proto::https::https_client_stream] got bytes: 120 ; received response ; header 0:RD,RA:NoError:QUERY:0/1/1 ; edns version: 0 dnssec_ok: false max_payload: 1232 opts: 0 ; query ;; name: www.example.com. type: SOA class: IN mdns_unicast_response: false ; answers 0 ; nameservers 1 example.com. 1887 IN SOA ns.icann.org. noc.dns.icann.org. 2022040401 7200 3600 1209600 3600 ; additionals 1 ``` **Version:** Trust-DNS on up-to-date branch [trust-dns-client-cli](https://github.com/bluejekyll/trust-dns/tree/trust-dns-client-cli) Quinn version `0.8.2` **Additional context** I've also be testing against a different DoQ service setup, which has fewer details, though I have more logs. It appears that the remote is seeing the stream as "finished" before the client has sent all logs. From that server, there are these logs: ```text 86860b5992ac0deb: T= 0.158073, cwin: 15360,flight: 1591,nb_ret: 0,rtt_min: 156641,rtt: 156689,rtt_var: 44098,max_ack_delay: 0,state: 14 86860b5992ac0deb: Receiving 80 bytes from 192.184.128.105:51361 at T=0.158096 (5dc273b6a918a) 86860b5992ac0deb: Receiving packet type: 6 (1rtt protected), S1, Q1, 86860b5992ac0deb: <fc83ee005bf9a5a7>, Seq: 2 (2), Phi: 0, 86860b5992ac0deb: Decrypted 54 bytes 86860b5992ac0deb: ACK (nb=0), 0 86860b5992ac0deb: Stream 0, offset 0, length 46, fin = 1: 2c00000001000001... 86860b5992ac0deb: Quicdoq: Stream FIN before query was received fully on stream #0. 86860b5992ac0deb: Data callback (1, l=46) on stream 0 returns error 0x1 86860b5992ac0deb: Protocol error 0x1 86860b5992ac0deb: T= 0.158096, cwin: 15360,flight: 1591,nb_ret: 0,rtt_min: 156641,rtt: 156689,rtt_var: 44098,max_ack_delay: 0,state: 15 ``` Notice the "Stream FIN before query was received. In the code we have this structure for sending quic packets: https://github.com/bluejekyll/trust-dns/blob/e6ab219f81443f69765862d6a69f9f4f37319280/crates/proto/src/quic/quic_client_stream.rs#L58-L74 Which appears to follow the RFC: https://www.ietf.org/archive/id/draft-ietf-dprive-dnsoquic-11.html#name-stream-mapping-and-usage @Ralith or @djc not sure if this looks familiar to you? I'm not sure if these issues would have anything to do with the compatibility tests here: https://interop.seemann.io/ https://github.com/private-octopus/quicdoq

kerem 2026-03-16 00:03:27 +03:00

• closed this issue
• added the
  bug
  wontfix
  crate:proto
  feature:dns-over-quic
  labels

kerem commented 2026-03-16 00:03:43 +03:00

Author

Owner

Copy link

@Ralith commented on GitHub (Apr 8, 2022):

Assuming nothing interesting is happening in the QuicStream wrapper, your QUIC use looks sensible. I'd verify that message.into_parts().0 is correct, then try to determine where exactly the peer sees the stream getting cut off, and verify that send isn't failing with some other error halfway through queuing data. Wireshark might be useful to provide insight into what data was actually sent.

<!-- gh-comment-id:1093389160 --> @Ralith commented on GitHub (Apr 8, 2022): Assuming nothing interesting is happening in the `QuicStream` wrapper, your QUIC use looks sensible. I'd verify that `message.into_parts().0` is correct, then try to determine where exactly the peer sees the stream getting cut off, and verify that `send` isn't failing with some other error halfway through queuing data. Wireshark might be useful to provide insight into what data was actually sent.

kerem commented 2026-03-16 00:03:48 +03:00

Author

Owner

Copy link

@bluejekyll commented on GitHub (Apr 8, 2022):

End-to-end tests work locally so there isn't an issue with the DNS packet as far as I can tell. I'll see what we can see with wireshark.

<!-- gh-comment-id:1093451208 --> @bluejekyll commented on GitHub (Apr 8, 2022): End-to-end tests work locally so there isn't an issue with the DNS packet as far as I can tell. I'll see what we can see with wireshark.

kerem commented 2026-03-16 00:03:53 +03:00

Author

Owner

Copy link

@bluejekyll commented on GitHub (Apr 8, 2022):

And thanks for taking the time.

<!-- gh-comment-id:1093451407 --> @bluejekyll commented on GitHub (Apr 8, 2022): And thanks for taking the time.

kerem commented 2026-03-16 00:03:58 +03:00

Author

Owner

Copy link

@IvanNardi commented on GitHub (Apr 9, 2022):

edit: it appears that adguard may require a custom ALPN, doq-i02, as opposed to the RFC's ALPN of doq, the proper command for that is, but has the same result:

Not an expert, but is it possible that Adguard is still using DoQ draft-02, instead of the latest versions?
Draft-02 is incompatible with latest versions because it doesn't have the "2-octet length field" of the beginning of the message.
My 2 cents

<!-- gh-comment-id:1093839217 --> @IvanNardi commented on GitHub (Apr 9, 2022): > edit: it appears that adguard may require a custom ALPN, `doq-i02`, as opposed to the RFC's ALPN of `doq`, the proper command for that is, but has the same result: Not an expert, but is it possible that Adguard is still using DoQ draft-02, instead of the latest versions? Draft-02 is incompatible with latest versions because it doesn't have the "2-octet length field" of the beginning of the message. My 2 cents

kerem commented 2026-03-16 00:04:03 +03:00

Author

Owner

Copy link

@djc commented on GitHub (Apr 9, 2022):

That sounds very plausible.

<!-- gh-comment-id:1093902796 --> @djc commented on GitHub (Apr 9, 2022): That sounds very plausible.

kerem commented 2026-03-16 00:04:08 +03:00

Author

Owner

Copy link

@bluejekyll commented on GitHub (Apr 9, 2022):

Draft-02 is incompatible with latest versions because it doesn't have the "2-octet length field" of the beginning of the message.

Oh... that's significant, and I didn't notice that. I'll focus on the other service. There's a setup guide for testing with it that I need to go through. I'll see when I have time to do that. I don't think it's necessarily worth providing an option for that, but I suppose I could hack it temporarily to see if I can get it to work.

This is the current doc I'm working off of that links to other implementations: https://docs.google.com/document/d/1aMVwZf979-xa6wbQUx6pm56Kk0AYI0FoY41tBqmniKk/edit#

<!-- gh-comment-id:1094096830 --> @bluejekyll commented on GitHub (Apr 9, 2022): > Draft-02 is incompatible with latest versions because it doesn't have the "2-octet length field" of the beginning of the message. Oh... that's significant, and I didn't notice that. I'll focus on the other service. There's a setup guide for testing with it that I need to go through. I'll see when I have time to do that. I don't think it's necessarily worth providing an option for that, but I suppose I could hack it temporarily to see if I can get it to work. This is the current doc I'm working off of that links to other implementations: https://docs.google.com/document/d/1aMVwZf979-xa6wbQUx6pm56Kk0AYI0FoY41tBqmniKk/edit#

kerem commented 2026-03-16 00:04:13 +03:00

Author

Owner

Copy link

@bluejekyll commented on GitHub (Apr 9, 2022):

@Ralith thanks for noticing that.

I just hacked the current implementation to remove the 2 byte length from the stream, and it indeed works as expected with dns.adguard.coms quic implementation on doq-i02.

So that's a nice validation.

<!-- gh-comment-id:1094132867 --> @bluejekyll commented on GitHub (Apr 9, 2022): @Ralith thanks for noticing that. I just hacked the current implementation to remove the 2 byte length from the stream, and it indeed works as expected with `dns.adguard.com`s quic implementation on `doq-i02`. So that's a nice validation.

kerem commented 2026-03-16 00:04:18 +03:00

Author

Owner

Copy link

@bluejekyll commented on GitHub (Apr 9, 2022):

I'm going to open a separate issue in regards to the doq-i03 issues.

<!-- gh-comment-id:1094133002 --> @bluejekyll commented on GitHub (Apr 9, 2022): I'm going to open a separate issue in regards to the `doq-i03` issues.

kerem commented 2026-03-16 00:04:23 +03:00

Author

Owner

Copy link

@bluejekyll commented on GitHub (Apr 9, 2022):

We won't fix this issue, as the dns.adguard.com name server isn't on the current RFC, I don't think it makes sense for us to try and support different versions of the RFC. We'll only focus on the current (as of this writing, version 11): https://www.ietf.org/archive/id/draft-ietf-dprive-dnsoquic-11.html#name-reservation-of-dedicated-po

<!-- gh-comment-id:1094133339 --> @bluejekyll commented on GitHub (Apr 9, 2022): We won't fix this issue, as the `dns.adguard.com` name server isn't on the current RFC, I don't think it makes sense for us to try and support different versions of the RFC. We'll only focus on the current (as of this writing, version 11): https://www.ietf.org/archive/id/draft-ietf-dprive-dnsoquic-11.html#name-reservation-of-dedicated-po

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

release/0.26

david/conformance-dnssec-negative-tests

query-api

opt-types

cname-nsec

no-cname-recursion

conformance-min-ttl

dname-base

drop-message-request

no-error-queries

cpu-sig0-rm-message-sig_dev

cpu-tsig-test-update_dev

windows-config

dnssec-net

release/0.25

opp-enc-persist

integration-test

cpu-tidying-recursor-opts_dev

happy-eyeballs

david/authoritative-zone-storage-trait

dnssec-ad

no-authority

release/0.24

pvdrz/remove-top-file

pvdrz/h3-handshake-timeout

pvdrz/quic-handshake-timeout

nxdomain-for-recursor

ja-test-merque-queue

ja-fix-ci-again

sz-add-ede-tests

sz-test-tc-bit-with-large-response

sz-fix-tokio-dependency

gh-2275-test-rrsig-signature

refactor-sign-zone-file

fix-1.79-cleanliness

update-nightly-hash

release/0.23

gh-pages

use-just-for-server-toml

release/0.22

revert-1874-cpu-zone-parse-default-class

disable-bind-compatibility-tests

disable-test_tls_client_stream_ipv4

update-native-tls-0.2.11

recursor-tests

fix-clippy-self

release/0.20

saethlin-fix-rdata-zero

release/0.19

flat_name

drop_unused_futures

release/0.18

release-r0.12-cs0.17

release/r0.12-cs0.17

trust-dns-book

r0.10

test-connections-not-dropped

fix_exec_status_on_rs_files

release-0.9

add-mutex-to-integration-tests

0.8_release

bfry/dns-crypt

v0.26.0

v0.26.0-beta.4

v0.26.0-beta.3

v0.26.0-beta.2

v0.26.0-beta.1

v0.26.0-alpha.1

v0.25.2

v0.25.1

v0.25.0

v0.24.4

v0.24.3

v0.25.0-alpha.5

v0.24.2

v0.25.0-alpha.4

v0.25.0-alpha.3

v0.25.0-alpha.2

v0.25.0-alpha.1

v0.24.1

v0.23.2

v0.24.0

v0.23.1

v0.23.0

v0.23.0-alpha.5

v0.23.0-alpha.4

v0.23.0-alpha.3

v0.22.1

v0.23.0-alpha.2

v0.23.0-alpha.1

v0.22.0

v0.21.2

v0.21.1

v0.21.0

v0.21.0-alpha.5

v0.20.4

v0.21.0-alpha.4

v0.21.0-alpha.3

v0.21.0-alpha.2

v0.21.0-alpha.1

v0.20.3

v0.20.2

v0.20.1

v0.19.7

v0.20.0

0.19.6

v0.20.0-alpha.3

v0.20.0-alpha.2

v0.20.0-alpha.1

0.19.5

0.19.4

0.19.3

0.19.0

0.18.1

0.18

0.18.0.alpha.2

r0.12_cs0.17

r0.11.1

cs0.16.1

r0.11

cs0.16

r0.10.1

r0.10.0

cs0.15.0

r0.9.1

v0.14.0

r0.9.0

r0.8.1

r0.8.0

v0.13.0

r0.7.0

c0.12.0

r0.6.0

r0.5.0

resolver.0.4.0

0.11.0

0.10.5

0.10.4

0.10.3

0.10.2

0.10.1

0.10.0

0.9.3

0.9.2

0.9.1

0.9.0

0.8.1

0.8.0

0.7.3

0.7.2

0.7.1

0.7.0

0.6.0

0.5.3

0.5.1

0.5.0

0.4.0

0.3.1

0.3.0

0.2.1

0.2.0

0.1.0

Labels

Clear labels   

blocked

  

breaking-change

  

bug

  

bug:critical

  

bug:tests

  

cleanup

  

compliance

  

compliance

  

compliance

  

crate:all

  

crate:client

  

crate:native-tls

  

crate:proto

  

crate:recursor

  

crate:resolver

  

crate:resolver

  

crate:rustls

  

crate:server

  

crate:util

  

dependencies

  

docs

  

duplicate

  

easy

  

easy

  

enhance

  

enhance

  

enhance

  

feature:dns-over-https

  

feature:dns-over-quic

  

feature:dns-over-tls

  

feature:dnsssec

  

feature:global_lb

  

feature:mdns

  

feature:tsig

  

features:edns

  

has workaround

  

ops

  

perf

  

platform:WASM

  

platform:android

  

platform:fuchsia

  

platform:linux

  

platform:macos

  

platform:windows

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

test

  

tools

  

tools

  

trust

  

unclear

  

wontfix

No labels

blocked

breaking-change

bug

bug:critical

bug:tests

cleanup

compliance

compliance

compliance

crate:all

crate:client

crate:native-tls

crate:proto

crate:recursor

crate:resolver

crate:resolver

crate:rustls

crate:server

crate:util

dependencies

docs

duplicate

easy

easy

enhance

enhance

enhance

feature:dns-over-https

feature:dns-over-quic

feature:dns-over-tls

feature:dnsssec

feature:global_lb

feature:mdns

feature:tsig

features:edns

has workaround

ops

perf

platform:WASM

platform:android

platform:fuchsia

platform:linux

platform:macos

platform:windows

pull-request

question

test

tools

tools

trust

unclear

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/hickory-dns#736

No description provided.