[dnsdist] DNS use cases as authoritative dns server facing public internet
Jacob Bunk Nielsen
jbn at one.com
Thu Jan 23 08:18:36 UTC 2020
Hi
On 23/01/2020 04.16, wbdumangeng at dilg.gov.ph wrote:
> I have a question regarding the posture of dnsdist as authoritative
> dns server facing public internet.
> How will be the design if you would put the dnsdist (load balancer)
> infront the origin DNS servers?
> I have two (2) internet facing authoritative DNS translated from my
> firewall. Can I also do NAT on dnsdist
> while the origin dns servers will be on private IP address?
Short answer, yes.
Slightly longer answer, think of dnsdist more as a caching proxy/load
balancer than as a router. So you'd set up dnsdist to listen for
incoming queries and let dnsdist distribute the queries among backend
servers depending on your preferred load balancing scheme. See also
https://dnsdist.org/guides/serverselection.html
For redundancy you'll probably also want at least 2 dnsdist instances
that can then sit in front of however many backends is required to
handle the load.
Best regards,
Jacob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20200123/c9b1506b/attachment.htm>
More information about the dnsdist
mailing list