diff --git a/DnsServerCore/www/index.html b/DnsServerCore/www/index.html index b09fd8ae..68705b7d 100644 --- a/DnsServerCore/www/index.html +++ b/DnsServerCore/www/index.html @@ -15,12 +15,7 @@ - - - - - @@ -145,8 +140,8 @@ @@ -349,11 +344,11 @@ - - - - - + + + + + @@ -405,10 +400,10 @@
ZoneTypeDNSSECStatusExpiryZoneTypeDNSSECStatusExpiry
- - - - + + + + @@ -550,7 +545,7 @@
NameTypeTTLDataNameTypeTTLData
- + @@ -614,11 +609,29 @@
  • OpenDNS FamilyShield {208.67.220.123}
  • OpenDNS FamilyShield {[2620:119:35::123]}
  • OpenDNS FamilyShield {[2620:119:53::123]}
    • -
  • OpenDNS TLS {familyshield.opendns.com (208.67.222.123:853)}
    • -
  • OpenDNS TLS {familyshield.opendns.com (208.67.220.123:853)}
    • -
  • OpenDNS TLS {familyshield.opendns.com ([2620:119:35::123]:853)}
    • -
  • OpenDNS TLS {familyshield.opendns.com ([2620:119:53::123]:853)}
    • +
  • OpenDNS FamilyShield TLS {familyshield.opendns.com (208.67.222.123:853)}
    • +
  • OpenDNS FamilyShield TLS {familyshield.opendns.com (208.67.220.123:853)}
    • +
  • OpenDNS FamilyShield TLS {familyshield.opendns.com ([2620:119:35::123]:853)}
    • +
  • OpenDNS FamilyShield TLS {familyshield.opendns.com ([2620:119:53::123]:853)}
  • OpenDNS FamilyShield HTTPS {https://doh.familyshield.opendns.com/dns-query}
    • +
  • AdGuard {94.140.14.14}
    • +
  • AdGuard {94.140.15.15}
    • +
  • AdGuard {[2a10:50c0::ad1:ff]}
    • +
  • AdGuard {[2a10:50c0::ad2:ff]}
    • +
  • AdGuard TLS {dns.adguard-dns.com (94.140.14.14:853)}
    • +
  • AdGuard TLS {dns.adguard-dns.com ([2a10:50c0::ad1:ff]:853)}
    • +
  • AdGuard HTTPS {https://dns.adguard-dns.com/dns-query}
    • +
  • AdGuard QUIC {dns.adguard-dns.com (94.140.14.14:853)}
    • +
  • AdGuard QUIC {dns.adguard-dns.com ([2a10:50c0::ad1:ff]:853)}
    • +
  • AdGuard Family Protection {94.140.14.15}
    • +
  • AdGuard Family Protection {94.140.15.16}
    • +
  • AdGuard Family Protection {[2a10:50c0::bad1:ff]}
    • +
  • AdGuard Family Protection {[2a10:50c0::bad2:ff]}
    • +
  • AdGuard Family Protection TLS {dns.adguard-dns.com (94.140.14.15:853)}
    • +
  • AdGuard Family Protection TLS {dns.adguard-dns.com ([2a10:50c0::bad1:ff]:853)}
    • +
  • AdGuard Family Protection HTTPS {https://dns.adguard-dns.com/dns-query}
    • +
  • AdGuard Family Protection QUIC {dns.adguard-dns.com (94.140.14.15:853)}
    • +
  • AdGuard Family Protection QUIC {dns.adguard-dns.com ([2a10:50c0::bad1:ff]:853)}
  • Level3 {4.2.2.1}
  • Level3 {4.2.2.2}
  • Ultra {156.154.70.1}
    • @@ -683,6 +696,7 @@ + @@ -930,6 +944,33 @@
    The amount of time a TCP socket must wait for data before closing the connection. This option will apply for DNS requests being received by the DNS Server over TCP, TLS, or HTTPS transports.
    + +
    + +
    + + milliseconds (valid range 1000-90000; default 60000) +
    +
    The time interval after which an idle QUIC connection will be closed. This option applies only to QUIC transport protocol.
    +
    + +
    + +
    + + (valid range 1-1000; default 100) +
    +
    The max number of inbound bidirectional streams that can be accepted per QUIC connection. This option applies only to QUIC transport protocol.
    +
    + +
    + +
    + + (default 100) +
    +
    The maximum number of pending connections. This option applies to TCP, TLS, and QUIC transport protocols.
    +
    @@ -940,13 +981,14 @@
    -
    Local addresses are the network interface IP addresses you want the web service to listen for requests. The default values work for most scenarios so, do not change these defaults unless you have a requirement for the web service to listen on specific networks.
    +
    Local addresses are the network interface IP addresses you want the web service to listen for requests. ANY addresses (0.0.0.0 & [::]) cannot be used together with unicast IP addresses. The default values work for most scenarios so, do not change these defaults unless you have a requirement for the web service to listen on specific networks.
    - + + (default 5380)
    Specify the TCP port number for this web console over HTTP protocol.
    @@ -977,7 +1019,8 @@
    - + + (default 53443)
    Specify the TCP port number for this web console over TLS protocol.
    @@ -1014,27 +1057,77 @@
    Enable this option to accept DNS-over-HTTP requests. It must be used with a TLS terminating reverse proxy like nginx and will work only on private networks.
    Enable this option to accept DNS-over-TLS requests.
    Enable this option to accept DNS-over-HTTPS requests.
    + +
    + +
    +
    Enable this option to allow automatic TLS certificate renewal with HTTP challenge (webroot) for DNS-over-HTTPS service. This service will not accept DNS-over-HTTP requests from public IP addresses.
    + +
    + +
    +
    Enable this option to accept DNS-over-QUIC requests.
    +
    + +
    + + (default 8053) +
    +
    Specify the TCP port number for DNS-over-HTTP protocol.
    +
    + +
    + +
    + + (default 853) +
    +
    Specify the TCP port number for DNS-over-TLS protocol.
    +
    + +
    + +
    + + (default 443) +
    +
    Specify the TCP port number for DNS-over-HTTPS protocol.
    +
    + +
    + +
    + + (default 853) +
    +
    Specify the UDP port number for DNS-over-QUIC protocol.
    +
    +
    @@ -1052,9 +1145,9 @@
    -

    Note! These optional DNS server protocol changes will be automatically applied and so you do not need to manually restart the main service. The DNS-over-TLS and DNS-over-HTTPS protocols will be enabled only when a TLS certificate is configured.

    +

    Note! These optional DNS server protocol changes will be automatically applied and so you do not need to manually restart the main service. The DNS-over-TLS, DNS-over-QUIC, and DNS-over-HTTPS protocols will be enabled only when a TLS certificate is configured.

    These optional DNS server protocols are used to host these as a service. You do not need to enable these optional protocols to use them with Forwarders or Conditional Forwarder Zones.

    -

    For DNS-over-HTTP, use http://localhost:8053/dns-query with a TLS terminating reverse proxy like nginx. For DNS-over-TLS, use tls-certificate-domain:853 and for DNS-over-HTTPS use https://tls-certificate-domain/dns-query to configure supported DNS clients.

    +

    For DNS-over-HTTP, use http://localhost:8053/dns-query with a TLS terminating reverse proxy like nginx. For DNS-over-TLS, use tls-certificate-domain:853, for DNS-over-QUIC, use tls-certificate-domain:853, and for DNS-over-HTTPS use https://tls-certificate-domain/dns-query to configure supported DNS clients.

    When using a reverse proxy with the DNS-over-HTTP service, you need to add X-Real-IP header to the proxy request with the IP address of the client to allow the DNS server to know the real IP address of the client originating the request. For example, if you are using nginx as the reverse proxy, you can add proxy_set_header X-Real-IP $remote_addr; to make it work.

    Use the following openssl command to convert your TLS certificate that is in PEM format to PKCS #12 certificate (.pfx) format:

    openssl pkcs12 -export -out "example.com.pfx" -inkey "privkey.pem" -in "cert.pem" -certfile "chain.pem"
    @@ -1193,6 +1286,22 @@
    +
    +
    + +
    +
    + +
    +
    Enable this option to save DNS cache on disk when the DNS server stops. The saved cache will be loaded next time the DNS server starts.
    +
    +
    + +
    Note! The DNS server will attempt to save cache to disk when it stops which may take time depending on the cache size. This may cause the server to take a lot of time to stop which may lead to the OS to kill the process causing incomplete cache to be stored on disk.
    +
    +
    @@ -1561,6 +1670,26 @@ + + + + + + + + + + + + + + + + + + + +
    Enter forwarder DNS Server IP addresses or URLs one below another in above text field or use the Quick Select list to select desired forwarder.
    @@ -1594,6 +1723,12 @@ DNS-over-HTTPS
    +
    + +
    Select a protocol that this DNS server must use to query the forwarders specified above.
    @@ -1727,13 +1862,13 @@
    Installed AppsInstalled Apps
    - - - - - - - + + + + + + + @@ -1759,10 +1894,10 @@
    ScopeMAC AddressIP AddressHost NameLease ObtainedLease ExpiresScopeMAC AddressIP AddressHost NameLease ObtainedLease Expires
    - - - - + + + + @@ -2159,11 +2294,11 @@
    NameScope Range/Subnet MaskNetwork/BroadcastInterfaceNameScope Range/Subnet MaskNetwork/BroadcastInterface
    - - - - - + + + + + @@ -2189,11 +2324,11 @@
    UsernameSessionLast SeenRemote AddressUser AgentUsernameSessionLast SeenRemote AddressUser Agent
    - - - - - + + + + + @@ -2219,8 +2354,8 @@
    UsernameDisplay NameStatusPrevious LoginRecent LoginUsernameDisplay NameStatusRecent LoginPrevious Login
    - - + + @@ -2240,7 +2375,7 @@
    NameDescriptionNameDescription
    - + @@ -2335,27 +2470,17 @@
    -
    - - - - -
    +
    -
    - - - - -
    +
    - +
    @@ -2366,6 +2491,7 @@ +
    @@ -2400,12 +2526,12 @@
    - +
    - +
    @@ -2499,7 +2625,7 @@

    Technitium DNS Server

    Version

    - Copyright (C) 2022 Shreyas Zare (shreyas@technitium.com)
    + Copyright (C) 2023 Shreyas Zare (shreyas@technitium.com)
    This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions.

    Source code available under GNU General Public License v3.0 on  GitHub

    @@ -2583,7 +2709,7 @@
    SectionSection User Permissions Group Permissions
    - + @@ -2600,10 +2726,10 @@
    GroupGroup
    - - - - + + + + @@ -2878,6 +3004,12 @@ ns1.example.com ([2001:db8::]) XFR-over-TLS +
    + +
    @@ -2917,6 +3049,12 @@ ns1.example.com ([2001:db8::]) DNS-over-HTTPS +
    + +
    @@ -3183,6 +3321,12 @@ ns1.example.com ([2001:db8::]) XFR-over-TLS +
    + +
    @@ -3408,6 +3552,12 @@ MII... DNS-over-HTTPS +
    + +
    @@ -3983,13 +4133,13 @@ MII...
    SessionLast SeenRemote AddressUser AgentSessionLast SeenRemote AddressUser Agent
    - - - - - - - + + + + + + + @@ -4239,7 +4389,7 @@ MII...
    Key TagKey TypeAlgorithmStateState ChangedRolloverKey TagKey TypeAlgorithmStateState ChangedRollover (days)
    - + @@ -4776,10 +4926,10 @@ MII...
    Store AppsStore Apps
    - - - - + + + + @@ -4904,10 +5054,10 @@ MII...
    SessionLast SeenRemote AddressUser AgentSessionLast SeenRemote AddressUser Agent
    - - - - + + + + @@ -4926,10 +5076,10 @@ MII...
    UsernameViewModifyDeleteUsernameViewModifyDelete
    - - - - + + + +
    GroupViewModifyDeleteGroupViewModifyDelete