[dnsdist] DNS use cases as authoritative dns server facing public internet
Jacob Bunk Nielsen
jbn at one.com
Thu Jan 23 08:18:36 UTC 2020
On 23/01/2020 04.16, wbdumangeng at dilg.gov.ph wrote:
> I have a question regarding the posture of dnsdist as authoritative
> dns server facing public internet.
> How will be the design if you would put the dnsdist (load balancer)
> infront the origin DNS servers?
> I have two (2) internet facing authoritative DNS translated from my
> firewall. Can I also do NAT on dnsdist
> while the origin dns servers will be on private IP address?
Short answer, yes.
Slightly longer answer, think of dnsdist more as a caching proxy/load
balancer than as a router. So you'd set up dnsdist to listen for
incoming queries and let dnsdist distribute the queries among backend
servers depending on your preferred load balancing scheme. See also
For redundancy you'll probably also want at least 2 dnsdist instances
that can then sit in front of however many backends is required to
handle the load.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dnsdist