[dnsdist] Trafic redirect via ports

Thibaud Dublé thibaud.duble at wanadoo.fr
Thu Mar 23 15:26:11 UTC 2017

Hi Bert,
Thank you for your answer; it helped me to get what I wanted.
I think this previous post might help you to understand what I wanted:
To summarize, 
I want queries going to to be treated by the bind1 pool
And I want queries going to to be treated by the bind2 pool
Finally, if all the BIND servers (containers) go down, I send the incoming queries to the other dnsdist on the second host server.
I was using the addPoolRule() function the opposite way, so I added the "false" parameter in order to match the destination ip:port.
This is how my config and function look now:

bind1NMG = newNMG()
addPoolRule(NetmaskGroupRule(bind1NMG, false), "bind")
bind2NMG = newNMG()
addPoolRule(NetmaskGroupRule(bind2NMG, false), "bind2")

-- Pick the pool from the port the query arrived on (dq.localAddr).
function portSelection(dq)
        if(dq.localAddr:getPort()==5353) then
                return DNSAction.Pool, "bind"
        elseif(dq.localAddr:getPort()==5354) then
                return DNSAction.Pool, "bind2"
        end
end

addLuaAction("", portSelection)
I hope it also helps you as much as it helped me.

> Message of 23/03/17 13:29
> From: "bert hubert"
> To: "Thibaud Dublé"
> Cc: dnsdist at mailman.powerdns.com
> Subject: Re: [dnsdist] Trafic redirect via ports
> On Thu, Mar 23, 2017 at 09:51:09AM +0100, Thibaud Dublé wrote:
> > The first idea was to send traffic to the other dnsdist for "pool1" on port 5353 and traffic for "pool2" on port 5354,
> > but it looks like it is impossible to add Pool Rules to a specific IP:port.
> Hi Thibaud,
> I am a bit confused. I think I know what you mean, but perhaps can you
> clarify. 
> > Ideally, the pool rule config would look like this :
> >  
> > bind1NMG = newNMG()
> > bind1NMG:addMask("")
> > bind1NMG:addMask("")
> > bind1NMG:addMask("")
> So you want to add source port selection to the rule?
> Are you sure traffic will always come in from that source port? Usually that
> is not the case as source ports tend to be dynamic.
> If this is what you want, today you could do that with a Lua selection rule:
> function luarule(dq)
>   if(dq.remoteAddr:getPort()==5353)
>   then
>     return DNSAction.Pool, "bind"
>   else
>     return DNSAction.Pool, "bind2"
>   end
> end
> And then:
> addLuaAction("", luarule)
> You may need to change this a little bit to compensate for typos or errors,
> but this is the idea.
> Good luck - if this really solves your problem we could make a direct rule
> for it. Please let us know.
> Bert
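
The difference between selecting on dq.localAddr (the address and port the query arrived on) and dq.remoteAddr (the client's source address and port) discussed in this thread, as an added example that is not part of the original post or of dnsdist. It stubs DNSAction and the dq object so both selection functions run under a plain Lua interpreter; the stub table, the addr() helper, the sample addresses and the DNSAction.None fallthrough are assumptions made for illustration.

```lua
-- Stand-ins for the dnsdist runtime so this runs under plain Lua.
-- Inside dnsdist, DNSAction and the dq object are provided by dnsdist itself.
local DNSAction = { None = 0, Pool = 1 }   -- constructed values, not dnsdist's own

-- Minimal stand-in for an address object: only getPort() is modelled.
local function addr(ip, port)
  return { ip = ip, getPort = function(self) return port end }
end

-- Destination port to pool mapping, taken from the post.
local poolByPort = { [5353] = "bind", [5354] = "bind2" }

-- Select on the port the query arrived ON (dq.localAddr), as in the post.
local function byLocalPort(dq)
  local pool = poolByPort[dq.localAddr:getPort()]
  if pool then return DNSAction.Pool, pool end
  return DNSAction.None, ""   -- assumption: other listeners fall through to later rules
end

-- Select on the port the query came FROM (dq.remoteAddr), as in the quoted reply.
local function byRemotePort(dq)
  if dq.remoteAddr:getPort() == 5353 then return DNSAction.Pool, "bind" end
  return DNSAction.Pool, "bind2"
end

-- Constructed sample queries: clients use dynamic source ports.
local queries = {
  { remoteAddr = addr("192.0.2.10", 40112), localAddr = addr("198.51.100.1", 5353) },
  { remoteAddr = addr("192.0.2.11", 51877), localAddr = addr("198.51.100.1", 5354) },
  { remoteAddr = addr("192.0.2.12", 33025), localAddr = addr("198.51.100.1", 53) },
}

for _, dq in ipairs(queries) do
  local a1, p1 = byLocalPort(dq)
  local _, p2 = byRemotePort(dq)
  print(string.format("dst port %-5d src port %-5d local-rule: %-6s remote-rule: %s",
    dq.localAddr:getPort(), dq.remoteAddr:getPort(),
    a1 == DNSAction.Pool and p1 or "(none)", p2))
end
```

With dynamic source ports the remote-port rule sends every sample query to "bind2", while the local-port rule follows the listener the query actually reached.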