[dnsdist] automatically forward query from the problematic domain

Mahdi Adnan mahdi at sysmin.io
Thu Feb 29 06:34:33 UTC 2024


Hello,

If the issue is intermittent and can be mitigated by serving cached data,
maybe you can configure your recursive servers to serve expired data.

On Thu, Feb 29, 2024 at 8:20 AM Affan Basalamah via dnsdist <
dnsdist at mailman.powerdns.com> wrote:

> Thanks for your response,
>
> May I add that it's not the authoritative DNS, but it's the ccTLD DNS
> server (for example, the server for .com.country_names, .co.country_names, or
> .net.country_names)
>
> There was a time when this DNS server was down and all of the traffic from
> the country's local ISP (which uses its own DNS server) was unable to
> resolve the internet banking domain names; however, the record is usually still
> cached on the public DNS server (e.g. Google).
>
> So there's no problem with IP connectivity from client to server; the only
> problem is that DNS cannot be resolved, because the ccTLD DNS server is down.
>
> On Thu, Feb 29, 2024 at 12:09 AM Nico Cartron <nicolas at ncartron.org>
> wrote:
>
>>
>> > On 28 Feb 2024, at 14:26, Affan Basalamah via dnsdist <
>> dnsdist at mailman.powerdns.com> wrote:
>> >
>> > 
>> > Hi,
>> >
>> > I'm responsible for managing DNS servers for service providers, and they
>> request that DNS server usually have some important domains from my country's
>> ccTLD that usually can't be resolved because their authoritative DNS
>> was not reliable, and every user usually contacted the service provider,
>> and they ask us to forward these domains to a public DNS resolver (Google,
>> CF, etc.)
>> >
>> > Usually it becomes a repetitive & menial effort on our side, and I
>> wonder how this logic can be achieved using DNSDist:
>> >
>> > - DNSDist is installed in front of the provider DNS server, and create
>> a default pool for the provider DNS server
>> > - Create another pool for public DNS servers (Google, CF, Q9, etc.)
>> > - Can I create a list of domains that are usually problematic, to be redirected
>> to the public DNS pool?
>> > - Can I create rules for these domains to be forwarded to the public
>> DNS pool?
>> > - Can I create a health check for these rules to be activated (every 1 or
>> 5 minutes, to check whether the authoritative DNS server for these domains
>> is still alive), and if the authoritative server is down, the rule is
>> activated and these domains are forwarded to the public DNS pool
>> > - After the health check finds out the authoritative DNS server is alive,
>> the rule is disabled and the domain is resolved via the provider DNS
>> >
>> >
>> > Sorry, because I don't completely understand the capabilities of DNSdist,
>> but I hope you can shed some light on this for me, and I hope DNSdist can
>> solve this kind of problem.
>>
>> Hi,
>>
>> I don’t get how forwarding the request to a public DNS such as Cloudflare
>> or Google would fix your issue, since you said that it was the authoritative
>> servers responsible for those domains that had issues?
>
>
>
> --
> -affan


-- 
Respectfully
Mahdi A.
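
The setup asked about in the quoted question (a default pool, a public-resolver pool, a list of problematic domains, and a rule that is only active while the ccTLD servers are down), as an added dnsdist configuration example that is not part of the original thread. The provider address, the domain names, the flag file path and the external probe that creates the file are assumptions; dnsdist's own health checks watch its backends, not third-party authoritative servers.

```lua
-- dnsdist.conf (added example; addresses, names and paths are placeholders)

-- Default pool: the provider's own recursive server (documentation address).
newServer({address="192.0.2.53:53", name="provider-rec1"})

-- Separate pool made of public resolvers.
newServer({address="8.8.8.8:53", pool="public", name="google"})
newServer({address="1.1.1.1:53", pool="public", name="cloudflare"})
newServer({address="9.9.9.9:53", pool="public", name="quad9"})

-- Domains that tend to break when the ccTLD servers are down (constructed names).
local problematic = newSuffixMatchNode()
problematic:add("bank.co.example.")
problematic:add("ebanking.net.example.")

-- Hypothetical flag file: an external probe (cron job, monitoring system)
-- creates it while the ccTLD servers do not answer and removes it on recovery.
local flagPath = "/var/run/dnsdist/cctld-down"
local failoverActive = false

-- dnsdist calls maintenance() about once per second. Reading the flag here
-- keeps file I/O out of the per-query path.
function maintenance()
  local f = io.open(flagPath, "r")
  if f then
    f:close()
    failoverActive = true
  else
    failoverActive = false
  end
end

-- While the flag is set, listed domains go to the public pool.
-- All other queries, and all queries when the flag is absent,
-- fall through to the default pool.
addAction(
  AndRule({
    SuffixMatchNodeRule(problematic),
    LuaRule(function(dq) return failoverActive end)
  }),
  PoolAction("public")
)
```

Keeping the suffix list short and explicit limits how much customer query data is sent to third-party resolvers while the failover is active.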