Why isn't DNS-over-TLS (DoT) - RFC7858 - being dissected by Wireshark 3.0?

asked 2019-07-11 12:32:48 +0000

SaraD
16 ●1

updated 2019-07-11 17:27:36 +0000

Guy Harris
19890 ●3 ●659 ●207

I see that Wireshark 3.0 now has support for DoH (DNS-over-HTTPS, RFC8484), but I can't see anyway to make it decode DNS-over-TLS on the IANA assigned port (853). I can decode the raw bytes, but they are not recognised as DNS.

Please let me know if this is supported and I am just missing something.

Otherwise please let me know if there are plans to support this in future?

edit retag flag offensive close merge delete

Comments

Is the decryption working? The data can't be dissected as DNS unless it can be decrypted.

grahamb ( 2019-07-11 12:46:36 +0000 )edit

Are you able to share the trace, with the DoH?

xinxolHH ( 2019-07-11 14:36:38 +0000 )edit

add a comment

Comments

DNS-over-TLS (DoT) is different from DNS-over-HTTPS (DoH). The former defaults to TCP port 853 where the latter runs over TCP port 443.

Lekensteyn ( 2019-07-20 17:28:33 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Why isn't DNS-over-TLS (DoT) - RFC7858 - being dissected by Wireshark 3.0?

Comments

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Why isn't DNS-over-TLS (DoT) - RFC7858 - being dissected by Wireshark 3.0? edit

Comments

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

Why isn't DNS-over-TLS (DoT) - RFC7858 - being dissected by Wireshark 3.0?