[dnsdist] DNS use cases as authoritative dns server facing public internet

Jacob Bunk Nielsen jbn at one.com
Thu Jan 23 08:18:36 UTC 2020


On 23/01/2020 04.16, wbdumangeng at dilg.gov.ph wrote:
> I have a question regarding the posture of dnsdist as authoritative 
> dns server facing public internet.
> How will be the design if you would put the dnsdist (load balancer) 
> in front of the origin DNS servers?
> I have two (2) internet facing authoritative DNS translated from my 
> firewall. Can I also do NAT on dnsdist
> while the origin dns servers will be on private IP address?

Short answer, yes.

Slightly longer answer, think of dnsdist more as a caching proxy/load 
balancer than as a router. So you'd set up dnsdist to listen for 
incoming queries and let dnsdist distribute the queries among backend 
servers depending on your preferred load balancing scheme. See also 

For redundancy you'll probably also want at least 2 dnsdist instances 
that can then sit in front of however many backends are required to 
handle the load.

Best regards,
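
The setup described in the reply above, sketched as a dnsdist configuration. This is an added example, not part of the original message; every address, name, zone and threshold in it is a constructed placeholder.

```lua
-- dnsdist.conf sketch (added example; all values below are placeholders)

-- Public side: the address the firewall forwards DNS traffic to.
setLocal('192.0.2.53:53')

-- dnsdist's default ACL only admits private and loopback sources.
-- A front end for public authoritative zones must accept queries from anywhere.
setACL({'0.0.0.0/0', '::/0'})

-- Private side: the origin authoritative servers keep their private addresses.
-- dnsdist proxies the queries itself, so no NAT rule is involved at this hop.
-- Note that the backends see dnsdist's address as the source, not the client's.
-- The health check asks for the SOA of a zone the backends actually serve.
newServer({address='10.0.0.11:53', name='auth1',
           checkName='example.org.', checkType='SOA'})
newServer({address='10.0.0.12:53', name='auth2',
           checkName='example.org.', checkType='SOA'})

-- Load balancing scheme: send each query to the backend with the fewest
-- outstanding queries (this is also dnsdist's default policy).
setServerPolicy(leastOutstanding)

-- Caching proxy role: answer repeated queries from the packet cache.
pc = newPacketCache(100000, {maxTTL=3600})
getPool(''):setCache(pc)

-- Basic abuse control for an Internet-facing listener: drop queries from
-- sources exceeding a per-IP rate. The threshold is a placeholder to tune.
addAction(MaxQPSIPRule(100), DropAction())

-- Redundancy: run a second dnsdist instance with this same configuration on
-- another public address, and publish both addresses as the zone's name servers.
```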


