[dnsdist] Match CAA queries

Remi Gacogne remi.gacogne at powerdns.com
Fri Aug 18 09:49:50 UTC 2017


On 08/18/2017 04:42 AM, Ask Bjørn Hansen wrote:
> I’d like to match CAA queries and either send them to another backend
> or just make up a “NOERROR” answer.
> I tried puzzling through the reference documentation, but I was
> really missing an example to go off. Any suggestions? :-)

A simple QTypeRule(dnsdist.CAA) should match, so something like:

addAction(QTypeRule(dnsdist.CAA), PoolAction("mypool"))

should be enough to route it to a different pool, for example. I think
you should be able to use RCodeAction to make a NOERROR answer too.

> Vaguely related — is it be possible to rewrite tcp queries coming
> into dnsdist to udp queries to the backend? It doesn’t appear to be.
> (I am trying to make rbldnsd look like it’s behaving a little
> nicer).

No, it's not.

Best regards,
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20170818/2a44add1/attachment-0001.sig>

More information about the dnsdist mailing list