diff --git a/docs/config/server-config.md b/docs/config/server-config.md
index c00f7f9..5f36102 100644
--- a/docs/config/server-config.md
+++ b/docs/config/server-config.md
@@ -5,7 +5,7 @@ hide:
# 服务端配置
-smartdns目前提供了UDP, TCP, DOT三种服务端模式。
+smartdns目前提供了UDP, TCP, DOT, DOH四种服务端模式。
## UDP服务端
@@ -39,14 +39,20 @@ smartdns目前提供了UDP, TCP, DOT三种服务端模式。
tcp-idle-time 120
```
-## DOT服务端
+## DOT,DOH服务端
-1. 通过`bind-tls`参数配置,配置例子如下:
+1. 通过`bind-tls`, `bind-https`参数配置,配置例子如下:
```shell
- bind-tls 0.0.0.0:53@eth0
- bind-tls [::]:53@eth0
- bind-tls :53@eth0
+ # DOT 服务器
+ bind-tls 0.0.0.0:853@eth0
+ bind-tls [::]:853@eth0
+ bind-tls :853@eth0
+
+ # DOH 服务器
+ bind-https 0.0.0.0:443@eth0
+ bind-https [::]:443@eth0
+ bind-https :443@eth0
```
diff --git a/docs/configuration.md b/docs/configuration.md
index d3377ee..45fb311 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -16,6 +16,7 @@ hide:
| bind | DNS 监听端口号 | [::]:53 | 可绑定多个端口。
IP:PORT@DEVICE: 服务器 IP:端口号@设备名
[-group]: 请求时使用的 DNS 服务器组
[-no-rule-addr]:跳过 address 规则
[-no-rule-nameserver]:跳过 Nameserver 规则
[-no-rule-ipset]:跳过 ipset 和 nftset 规则
[-no-rule-soa]:跳过 SOA(#) 规则
[-no-dualstack-selection]:停用双栈测速
[-no-speed-check]:停用测速
[-no-cache]:停止缓存
[-force-aaaa-soa]: 禁用IPV6查询
[-ipset]: 设置IPSet,参考ipset选项
[-nftset]: 设置nftset,参考nftset选项| bind :53@eth0 |
| bind-tcp | DNS TCP 监听端口号 | [::]:53 | 可绑定多个端口。
IP:PORT@DEVICE: 服务器 IP:端口号@设备名
[-group]: 请求时使用的 DNS 服务器组
[-no-rule-addr]:跳过 address 规则
[-no-rule-nameserver]:跳过 nameserver 规则
[-no-rule-ipset]:跳过 ipset 和 nftset 规则。
[-no-rule-soa]:跳过 SOA(#) 规则
[-no-dualstack-selection]:停用双栈测速
[-no-speed-check]:停用测速
[-no-cache]:停止缓存
[-force-aaaa-soa]: 禁用IPV6查询
[-ipset]: 设置IPSet,参考ipset选项
[-nftset]: 设置nftset,参考nftset选项 | bind-tcp :53 |
| bind-tls | DNS Over TLS 监听端口号 | [::]:853 | 可绑定多个端口。
IP:PORT@DEVICE: 服务器 IP:端口号@设备名
[-group]: 请求时使用的 DNS 服务器组
[-no-rule-addr]:跳过 address 规则
[-no-rule-nameserver]:跳过 nameserver 规则
[-no-rule-ipset]:跳过 ipset 和 nftset 规则。
[-no-rule-soa]:跳过 SOA(#) 规则
[-no-dualstack-selection]:停用双栈测速
[-no-speed-check]:停用测速
[-no-cache]:停止缓存
[-force-aaaa-soa]: 禁用IPV6查询
[-ipset]: 设置IPSet,参考ipset选项
[-nftset]: 设置nftset,参考nftset选项| bind-tls :853 |
+| bind-https | DNS Over HTTPS 监听端口号 | [::]:853 | 可绑定多个端口。
IP:PORT@DEVICE: 服务器 IP:端口号@设备名
[-group]: 请求时使用的 DNS 服务器组
[-no-rule-addr]:跳过 address 规则
[-no-rule-nameserver]:跳过 nameserver 规则
[-no-rule-ipset]:跳过 ipset 和 nftset 规则。
[-no-rule-soa]:跳过 SOA(#) 规则
[-no-dualstack-selection]:停用双栈测速
[-no-speed-check]:停用测速
[-no-cache]:停止缓存
[-force-aaaa-soa]: 禁用IPV6查询
[-ipset]: 设置IPSet,参考ipset选项
[-nftset]: 设置nftset,参考nftset选项| bind-https :853 |
| bind-cert-file | SSL证书文件路径 | smartdns-cert.pem | 合法路径字符串 | bind-cert-file cert.pem |
| bind-cert-key-file | SSL证书KEY文件路径 | smartdns-key.pem | 合法路径字符串 | bind-cert-key-file key.pem |
| bind-cert-key-pass | SSL证书KEY文件密码 | 无 | 字符串 | bind-cert-key-pass password |
diff --git a/en/docs/config/server-config.md b/en/docs/config/server-config.md
index 3c9d4f8..73cdcf6 100644
--- a/en/docs/config/server-config.md
+++ b/en/docs/config/server-config.md
@@ -5,7 +5,7 @@ hide:
# Server Configuration
-Currently, smartdns provides three server modes: UDP, TCP, and DOT.
+Currently, smartdns provides three server modes: UDP, TCP, DOH, and DOT.
## UDP Server
@@ -39,15 +39,21 @@ Currently, smartdns provides three server modes: UDP, TCP, and DOT.
tcp-idle-time 120
```
-## DOT Server
+## DOT, DOH Server
-1. Configure with the `bind-tls` parameter. For example:
+1. Configure with the `bind-tls`, `bind-https` parameter. For example:
```shell
- bind-tls 0.0.0.0:53@eth0
- bind-tls [::]:53@eth0
- bind-tls :53@eth0
- ```
+ # DOT server
+ bind-tls 0.0.0.0:853@eth0
+ bind-tls [::]:853@eth0
+ bind-tls :853@eth0
+
+ # DOH server
+ bind-https 0.0.0.0:443@eth0
+ bind-https [::]:443@eth0
+ bind-https :443@eth0
+
1. Set certificate and key files
diff --git a/en/docs/configuration.md b/en/docs/configuration.md
index e96e249..35290fd 100644
--- a/en/docs/configuration.md
+++ b/en/docs/configuration.md
@@ -11,7 +11,8 @@ hide:
|server-name|DNS name|host name/smartdns|any string like hostname|server-name smartdns
|bind|DNS listening port number|[::]:53|Support binding multiple ports
`IP:PORT@DEVICE`: server IP, port number, and device.
`[-group]`: The DNS server group used when requesting.
`[-no-rule-addr]`: Skip the address rule.
`[-no-rule-nameserver]`: Skip the Nameserver rule.
`[-no-rule-ipset]`: Skip the Ipset or nftset rules.
`[-no-rule-soa]`: Skip address SOA(#) rules.
`[-no-dualstack-selection]`: Disable dualstack ip selection.
`[-no-speed-check]`: Disable speed measurement.
`[-no-cache]`: stop caching
[-force-aaaa-soa]: force AAAA query return SOA,
[-ipset]: set IPSet, refer to ipset option
[-nftset]: set nftset, refer to nftset option |bind :53@eth0
|bind-tcp|TCP mode DNS listening port number|[::]:53|Support binding multiple ports
`IP:PORT@DEVICE`: server IP, port number and device.
`[-group]`: The DNS server group used when requesting.
`[-no-rule-addr]`: Skip the address rule.
`[-no-rule-nameserver]`: Skip the Nameserver rule.
`[-no-rule-ipset]`: Skip the ipset or nftset rules.
`[-no-rule-soa]`: Skip address SOA(#) rules.
`[-no-dualstack-selection]`: Disable dualstack ip selection.
`[-no-speed-check]`: Disable speed measurement.
`[-no-cache]`: stop caching
[-force-aaaa-soa]: force AAAA query return SOA,
[-ipset]: set IPSet, refer to ipset option
[-nftset]: set nftset, refer to nftset option |bind-tcp :53
-|bind-tls|DOT mode DNS listening port number|[::]:853|Support binding multiple ports
`IP:PORT@DEVICE`: server IP, port number and device.
`[-group]`: The DNS server group used when requesting.
`[-no-rule-addr]`: Skip the address rule.
`[-no-rule-nameserver]`: Skip the Nameserver rule.
`[-no-rule-ipset]`: Skip the ipset or nftset rules.
`[-no-rule-soa]`: Skip address SOA(#) rules.
`[-no-dualstack-selection]`: Disable dualstack ip selection.
`[-no-speed-check]`: Disable speed measurement.
`[-no-cache]`: stop caching
[-force-aaaa-soa]: force AAAA query return SOA,
[-ipset]: set IPSet, refer to ipset option
[-nftset]: set nftset, refer to nftset option |bind-tcp :853
+|bind-tls|DOT mode DNS listening port number|[::]:853|Support binding multiple ports
`IP:PORT@DEVICE`: server IP, port number and device.
`[-group]`: The DNS server group used when requesting.
`[-no-rule-addr]`: Skip the address rule.
`[-no-rule-nameserver]`: Skip the Nameserver rule.
`[-no-rule-ipset]`: Skip the ipset or nftset rules.
`[-no-rule-soa]`: Skip address SOA(#) rules.
`[-no-dualstack-selection]`: Disable dualstack ip selection.
`[-no-speed-check]`: Disable speed measurement.
`[-no-cache]`: stop caching
[-force-aaaa-soa]: force AAAA query return SOA,
[-ipset]: set IPSet, refer to ipset option
[-nftset]: set nftset, refer to nftset option |bind-tls :853
+|bind-https|DOH mode DNS listening port number|[::]:853|Support binding multiple ports
`IP:PORT@DEVICE`: server IP, port number and device.
`[-group]`: The DNS server group used when requesting.
`[-no-rule-addr]`: Skip the address rule.
`[-no-rule-nameserver]`: Skip the Nameserver rule.
`[-no-rule-ipset]`: Skip the ipset or nftset rules.
`[-no-rule-soa]`: Skip address SOA(#) rules.
`[-no-dualstack-selection]`: Disable dualstack ip selection.
`[-no-speed-check]`: Disable speed measurement.
`[-no-cache]`: stop caching
[-force-aaaa-soa]: force AAAA query return SOA,
[-ipset]: set IPSet, refer to ipset option
[-nftset]: set nftset, refer to nftset option |bind-https :853
|bind-cert-file|SSL Certificate file path|smartdns-cert.pem|path| bind-cert-file cert.pem |
|bind-cert-key-file|SSL Certificate key file path|none|smartdns-key.pem| bind-cert-key-file key.pem |
|bind-cert-key-pass|SSL Certificate key file password|none|string| bind-cert-key-pass password |