[dnsdist] can dns responses be changed or suppressed ( E.g. suppress A records for all internal IPs) ?

Balg, Andreas Andreas.Balg at haufe.com
Thu Jun 7 13:47:48 UTC 2018

Hi everybody,

I've read quite a lot about dnsdist but I could not figure out how and
if it would also be possible to run dnsdist in order to "rewrite" or
suppress dns query RESPONSES?

In short: I'd like to suppress e.g. any A record that contains internal
IPs from the private IP space in order to hide internal topology better
from outside clients without the need to run and maintain multiple
instances of a single dns-zone for internal or external "view".

The most interesting part would be to achieve the same for AXFR
requests to external slaves so we could "mirror" our internal DNS zones
to an external slave operated by a cloud DNS service provider for
maximum stability.

Did anybody do sth. like that before? Do you guys consider this a
feasible approach at all? Are there any examples of config-files for
dnsdist how to achieve such a thing?

thanks in advance for any thought about this.
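
An added example, not part of the original post and not dnsdist configuration: the rule described in the message (drop A records whose address lies in private IP space) applied to zone data before it is handed to an external secondary. The one-record-per-line input format, the `example.test.` zone and all function names are assumptions made for illustration; the code also reports in-zone names that remaining CNAME/MX/NS records still point at once the private A records are gone, since those names stay visible to outside clients.

```python
import ipaddress

# RFC 1918 private IPv4 space; add site-specific internal ranges as needed.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data: name, TTL, class, type, rdata (one record per line).
SAMPLE_ZONE = """\
example.test.         3600 IN SOA ns1.example.test. hostmaster.example.test. 1 7200 900 1209600 300
example.test.         3600 IN NS  ns1.example.test.
ns1.example.test.     3600 IN A   192.0.2.53
www.example.test.     300  IN A   192.0.2.10
www.example.test.     300  IN A   10.20.0.10
db.example.test.      300  IN A   172.16.4.7
intranet.example.test. 300 IN CNAME db.example.test.
mail.example.test.    300  IN A   192.168.1.25
example.test.         3600 IN MX  10 mail.example.test.
"""


def is_internal(addr):
    """True if the IPv4 address falls inside one of PRIVATE_NETS."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)


def filter_zone(text, origin="example.test."):
    """Return (kept_lines, dropped_lines, dangling_targets) for an external view."""
    kept, dropped = [], []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith(";"):
            continue  # skip blank lines and comments
        name, rtype, rdata = fields[0].lower(), fields[3], fields[4:]
        if rtype == "A" and is_internal(rdata[0]):
            dropped.append(line)
        else:
            kept.append((name, rtype, rdata, line))
    owners = {name for name, _, _, _ in kept}
    # In-zone targets that no longer own any record in the external view:
    # they resolve to nothing outside, but still reveal an internal host name.
    dangling = sorted({rdata[-1].lower() for _, rtype, rdata, _ in kept
                       if rtype in ("CNAME", "MX", "NS")
                       and rdata[-1].lower().endswith(origin)
                       and rdata[-1].lower() not in owners})
    return [line for _, _, _, line in kept], dropped, dangling


if __name__ == "__main__":
    kept, dropped, dangling = filter_zone(SAMPLE_ZONE)
    print("\n".join(kept))
    print("dropped:", len(dropped), "dangling targets:", dangling)
```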


