[dnsdist] Handling auth and recursive queries
abang
abang at t-ipnet.net
Mon Dec 12 07:22:31 UTC 2016
Am 12.12.2016 um 04:42 schrieb Chris:
> The part I am stuck on is it does not appear to be possible to direct
> queries to certain IP's to certain pools. As an example, my caching
> resolver IP's are 10.254.1.1, 10.254.1.2. I use addLocal like this:
>
> addLocal("10.254.1.1:53")
> addLocal("10.254.1.2:53")
>
> I want to direct all queries destined to those two IP's to the
> dnscache pool. I want to do the same thing for the other "addLocal"
> IP's as well, queries to the IP's for our own domains should go to
> pool dnsauth-internal, queries for the IP's for shared hosting should
> go to pool dnsauth-shared etc. Is this possible with dnsdist? I can
> see how I can do it based on filtering the domains but at the scale I
> am using this it isn't really possible for me, the dnsauth-shared pool
> for example has over 2M domains, dnsauth-dnshosting has over 4M
> domains and there are very frequent changes to the domains for these.
See http://dnsdist.org/README/
"NetmaskGroupRule(nmg, [*src-bool*]):
matches traffic from the specified network range. Pass false as second
parameter to *match NetmaskGroup against destination address instead of
source address*"
So this should work:
dnscache_NMG = newNMG()
dnscache_NMG:addMask("10.254.1.1/32")
dnscache_NMG:addMask("10.254.1.2/32")
newServer({address="10.254.1.10", pool="dnscache"})
newServer({address="10.254.1.11", pool="dnscache"})
addPoolRule(NetmaskGroupRule(dnscache_NMG , false), "dnscache")
--
Winfried
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20161212/90410b4c/attachment.html>
More information about the dnsdist
mailing list