<div dir="ltr">Thanks Mahdi for the reply,<div><br></div><div>Looking at it, I'll ask my client whether serving the stale data in recursive DNS will solve the problem.</div><div><br></div><div>-affan</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 29, 2024 at 1:35 PM Mahdi Adnan <<a href="mailto:mahdi@sysmin.io">mahdi@sysmin.io</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div> If the issue is intermitting and can be mitigated by serving cached data, maybe you can configure your recursive servers to serve expired data.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 29, 2024 at 8:20 AM Affan Basalamah via dnsdist <<a href="mailto:dnsdist@mailman.powerdns.com" target="_blank">dnsdist@mailman.powerdns.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Thanks for your response,<div><br></div><div>May I add that it's not the authoritative DNS, but it's the ccTLD DNS server (example like server for .com.country_names, .co.country_names, or .net.country_names)</div><div><br></div><div>There was a time when this DNS server was down, all of the traffic from the country's local ISP (who's using their own DNS server) unable to resolve the internet banking domain names, however the record usually still cached on the public DNS server (e.g. Google). </div><div><br></div><div>So there's no problem in IP connectivity from client to server, only problem is DNS cannot be resolved, because ccTLD DNS server is down. </div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 29, 2024 at 12:09 AM Nico Cartron <<a href="mailto:nicolas@ncartron.org" target="_blank">nicolas@ncartron.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
> On 28 Feb 2024, at 14:26, Affan Basalamah via dnsdist <<a href="mailto:dnsdist@mailman.powerdns.com" target="_blank">dnsdist@mailman.powerdns.com</a>> wrote:<br>
> <br>
> <br>
> Hi,<br>
> <br>
> I'm responsible for managing DNS server for service providers, and they request that DNS server usually have some important domain from my country ccTLD that usually can't be resolved because of the their authoritative DNS was not reliable, and every user usually contacted the service provider, and they ask us to forward these domains to public DNS resolver (google, CF, etc)<br>
> <br>
> Usually it become repetitive & menial effort from our side, and I wonder how it's possible these logic can be achieved using DNSDist:<br>
> <br>
> - DNSDist is installed in front of provider DNS server, and create default pool for provider DNS server<br>
> - Create another pool for public DNS server (google, CF, Q9, etc)<br>
> - Can I create list of domain that usually problematic to be redirected to the public DNS pool? <br>
> - Can I create rules for these domains to be forwarded to the public DNS pool?<br>
> - Can I create health check for these rules to be activated (every 1 or 5 minutes, to check whether the authoritative DNS server for these domain is still alive), and if the authoritative server is down, the rules is activated, these domains is forwarded to public DNS pool<br>
> - After health check find out the authoritative DNS server is alive, the rule is disabled, the domain is resolved via the provider DNS<br>
> <br>
> <br>
> Sorry because I don't completely understand the capability of DNSdist, but I hope you can shed some light to me about this, and I hope DNSdist can solve this kind of problem.<br>
<br>
Hi,<br>
<br>
I don’t get how forwarding the request to a public DNS such as Cloudflare or Google would fix your issue, since you said that was the Authoritative servers responsible for those domains that had issues?</blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">-affan<br></div>
_______________________________________________<br>
dnsdist mailing list<br>
<a href="mailto:dnsdist@mailman.powerdns.com" target="_blank">dnsdist@mailman.powerdns.com</a><br>
<a href="https://mailman.powerdns.com/mailman/listinfo/dnsdist" rel="noreferrer" target="_blank">https://mailman.powerdns.com/mailman/listinfo/dnsdist</a><br>
</blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr">Respectfully<div>Mahdi A.</div></div></div>
</blockquote></div><br clear="all"><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature">-affan<br></div>