doh
The `doh` directive enables DNS-over-HTTPS at a specified location block in NGINX.
Description
The `doh` directive enables DNS-over-HTTPS (DoH) support in NGINX for a given location block. NGINX then handles DNS queries over HTTPS, acting as an intermediary between clients and DNS servers. When the directive is present in a location block, NGINX expects incoming requests to carry DNS messages. By default, queries are forwarded to a DNS server running on localhost at port 53, with a query timeout of 5 seconds.
The directive takes no arguments. Its behavior is adjusted with the related directives `doh_address` (the DNS server's address), `doh_port` (its port), and `doh_timeout` (the query timeout). When a request is received, NGINX validates that the content type is `application/dns-message`. Depending on the request method (GET or POST), NGINX processes the DNS query, forwards it to the designated upstream DNS server, and returns the response to the client.
Config Example
    location /dns-query {
        doh;
        doh_address 127.0.2.1;
        doh_port 5353;
        doh_timeout 2;
    }

Ensure that the location block has the correct URI matching to properly route DNS queries.
Remember that the query must be of the proper content type (`application/dns-message`).
Check that the upstream DNS server is reachable with the specified address and port.