
Trying to host an HTTP3-only server locally on port 443 and have a local web browser access it.

Tested the HTTP3 server directly with a CLI client, and that is working.

Attempting to use an HTTPS DNS resource record (RR), defined by IETF RFC 9460, to make the browser jump straight to using QUIC rather than attempting a TCP connection. Installed Knot DNS 3.3.2 and added the following entries:

$ORIGIN local-server-domain.
@ 60 IN HTTPS 1 . alpn=h3
@ 60 IN A 127.0.0.1
@ 60 IN AAAA ::1

such that when I inspect Knot DNS I get this output:

$ knotc zone-read --
[local-server-domain.] local-server-domain. 60 A 127.0.0.1
[local-server-domain.] local-server-domain. 3600 SOA ns.local-server-domain. hostmaster.local-server-domain. 1 43200 900 1209600 3600
[local-server-domain.] local-server-domain. 60 AAAA ::1
[local-server-domain.] local-server-domain. 60 HTTPS 1 . alpn=h3

and when I point /etc/resolv.conf to use nameserver 127.0.0.1, I'm able to correctly resolve local-server-domain:

$ nslookup local-server-domain
Server:     127.0.0.1
Address:    127.0.0.1#53

Name:    local-server-domain
Address: 127.0.0.1
Name:    local-server-domain
Address: ::1

However, when I try to access https://local-server-domain with IceCat v115, which should support HTTPS RR since v92, it doesn't get the HTTPS RR and thus continues to try TCP, which predictably fails:

[image: Wireshark output]

I also tried variations based on examples I've seen, but with the same results:

$ORIGIN local-server-domain.
@ 60 IN HTTPS 1 . alpn=h3

$ORIGIN local-server-domain.
@ 60 IN HTTPS 1 . alpn=h3
@ 60 IN A 127.0.0.1

$ORIGIN local-server-domain.
@ 60 IN HTTPS 1 . alpn=h3
@ 60 IN A 127.0.0.1
@ 60 IN NS ns
ns 60 IN A 127.0.0.1

Question

How do I set up the HTTPS RR such that it gets provided to my browser?

Not sure if this matters, but my build of Knot DNS does not support DNS-over-QUIC (DoQ); my understanding is that I'm just trying to get an unencrypted DNS record, so this is not needed.

Daniel
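The nslookup output in the question only proves that the A and AAAA records resolve; by default nslookup never asks for the HTTPS type (65), so it says nothing about whether the resolver is actually handing out the record the browser wants. The script below is an added example, not part of the original post, that sends a type-65 query to the resolver and decodes the answer's RDATA according to RFC 9460 (priority, target name, SvcParams, with the alpn list expanded). It assumes the resolver address 127.0.0.1 and the zone name local-server-domain from the question; `SAMPLE_RESPONSE` is a constructed wire-format message shaped like the answer Knot should return for the `@ 60 IN HTTPS 1 . alpn=h3` entry, so the parser can be exercised offline.

```python
"""Ask a resolver for the HTTPS (type 65) record of a name and decode the
SvcParams, to confirm the record the browser queries for is really served.
Added example, not from the original post; resolver 127.0.0.1 and the zone
name local-server-domain are taken from the question."""
import socket
import struct

QTYPE_HTTPS = 65
# SvcParamKey names from the RFC 9460 registry (section 14.3)
SVCPARAM_KEYS = {0: "mandatory", 1: "alpn", 2: "no-default-alpn", 3: "port",
                 4: "ipv4hint", 5: "ech", 6: "ipv6hint"}


def encode_name(name: str) -> bytes:
    """Encode a domain name in uncompressed wire format ("." -> b'\\x00')."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def decode_name(msg: bytes, off: int):
    """Decode a possibly compressed name at `off`; return (name, next offset)."""
    labels, jumped, end = [], False, off
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # compression pointer into the message
            pointer = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2
            jumped, off = True, pointer
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    if not jumped:
        end = off
    return ".".join(labels) + ".", end


def build_query(name: str, qtype: int = QTYPE_HTTPS, txid: int = 0x1234) -> bytes:
    """Standard recursion-desired query with a single question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_https_rdata(rdata: bytes) -> dict:
    """Decode HTTPS RDATA (RFC 9460 section 2.2): priority, target, SvcParams."""
    priority = struct.unpack("!H", rdata[:2])[0]
    target, off = decode_name(rdata, 2)  # target is never compressed
    params = {}
    while off < len(rdata):
        key, length = struct.unpack("!HH", rdata[off:off + 4])
        value = rdata[off + 4:off + 4 + length]
        off += 4 + length
        if key == 1:  # alpn: sequence of length-prefixed protocol ids
            alpns, i = [], 0
            while i < len(value):
                n = value[i]
                alpns.append(value[i + 1:i + 1 + n].decode("ascii"))
                i += 1 + n
            params["alpn"] = alpns
        elif key == 3:
            params["port"] = struct.unpack("!H", value)[0]
        else:
            params[SVCPARAM_KEYS.get(key, f"key{key}")] = value
    return {"priority": priority, "target": target, "params": params}


def parse_response(msg: bytes) -> list:
    """Return the decoded HTTPS records from the answer section of a response."""
    _, _, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):  # skip the echoed question(s)
        _, off = decode_name(msg, off)
        off += 4
    records = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE_HTTPS:
            rec = parse_https_rdata(rdata)
            rec.update({"name": name, "ttl": ttl})
            records.append(rec)
    return records


def query_https(name: str, server: str = "127.0.0.1", port: int = 53,
                timeout: float = 2.0) -> list:
    """Send the type-65 query over UDP and decode any HTTPS records returned."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, port))
        msg, _ = s.recvfrom(4096)
    return parse_response(msg)


# Constructed response: one answer  local-server-domain. 60 HTTPS 1 . alpn=h3
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + encode_name("local-server-domain.") + struct.pack("!HH", QTYPE_HTTPS, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_HTTPS, 1, 60, 10)
    + struct.pack("!H", 1) + b"\x00"          # priority 1, target "."
    + struct.pack("!HH", 1, 3) + b"\x02h3"    # SvcParam alpn=h3
)

if __name__ == "__main__":
    for rec in query_https("local-server-domain."):
        print(rec)
```

Run it against the local Knot instance; an empty list means the resolver answered but returned no HTTPS record in the answer section, which is a different problem from the browser ignoring a record that is there.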

0 Answers