[dnsdist] can dns responses be changed or suppressed ( E.g. suppress A records for all internal IPs) ?
bert hubert
bert.hubert at powerdns.com
Mon Jun 11 08:40:41 UTC 2018
On Mon, Jun 11, 2018 at 10:09:55AM +0200, Remi Gacogne wrote:
> > In short: I'd like to suppress e.g. any A record that contains internal
> > IPs from the private IP space in order to hide internal topology better
> > from outside clients without the need to run and maintain multiple
> > instances of a single dns-zone for internal or external "view".
(...)
> I'm afraid not. We try hard to limit the parsing of responses to a
> minimum in dnsdist for performance reasons, and we don't have the
However, it is possible to do this in the PowerDNS Recursor in
postresolve(), where records can be stripped or replaced.
Bert
More information about the dnsdist
mailing list