This posting to the IETD ADD WG mail list seems relevant to the discussion we had on last Thursday. Russ

From: Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org> Subject: [Add] Testing DDR with macOS and iOS Date: June 10, 2022 at 6:56:58 PM EDT To: ADD Mailing list <add@ietf.org>

Hi ADD,

With the betas of iOS 16 and macOS Ventura, DDR is supported by default (no need to manually enable!). Please feel free to download these and give them a try.

This is also covered in this WWDC video: https://developer.apple.com/videos/play/wwdc2022/10079/ <https://developer.apple.com/videos/play/wwdc2022/10079/>

Best, Tommy

...

On Feb 23, 2022, at 9:52 AM, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org <mailto:tpauly=40apple.com@dmarc.ietf.org>> wrote:

Hello ADD,

I wanted to share with the group, for anyone who’s trying to bring up Discovery of Designated Resolvers (DDR, https://datatracker.ietf.org/doc/draft-ietf-add-ddr/ <https://datatracker.ietf.org/doc/draft-ietf-add-ddr/>) on their resolvers, that there is now a way to test this functionality with the current beta of macOS 12.3 <https://developer.apple.com/news/releases/?id=02152022e>. This is not enabled by default, but is a developer option.

In Terminal, you can run the following commands:

sudo defaults write /Library/Preferences/com.apple.networkd enable_ddr -int 1 sudo killall -9 mDNSResponder

The client will then start issuing SVCB queries for _dns.resolver.arpa, and using the results to verify resolvers and upgrade to encrypted DNS, either DoT or DoH.

Hopefully this can be a useful tool to you!

Best, Tommy

-- Add mailing list Add@ietf.org <mailto:Add@ietf.org> https://www.ietf.org/mailman/listinfo/add

-- Add mailing list Add@ietf.org https://www.ietf.org/mailman/listinfo/add