[dnsdist] Prevent binding to localhost?

Christopher Engelhard ce at lcts.de
Fri Feb 8 15:51:22 UTC 2019

Hi Seth,

> I wanted to run dnsdist on top of my existing PowerDNS servers to 
> provide DNS over TLS, but it wants to bind to which is of 
> course already in use.

Have you tried setLocal()? setLocal() overwrites the configured 
listeners instead of adding them.

f you want non-TLS-traffic to go to the pdns server directly you could 
use setLocal() to make dnsdist listen elsewhere:

   addTLSLocal(<public ip>)
   newServer( address="", id="PowerDNS" )

, but if you're running dnsdist anyway, it's probably better to let it 
handle all inbound queries:

   setLocal(<public ip>:53)
   addTLSLocal(<public ip>:53)
   newServer( address="", id="PowerDNS" )

, with PDNS binding ONLY to localhost.


Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190208/2aebf2a2/attachment.html>

More information about the dnsdist mailing list