[dnsdist] DNS use cases as authoritative dns server facing public internet

Jacob Bunk Nielsen jbn at one.com
Thu Jan 23 08:18:36 UTC 2020


Hi

On 23/01/2020 04.16, wbdumangeng at dilg.gov.ph wrote:
> I have a question regarding the posture of dnsdist as authoritative 
> dns server facing public internet.
> How will be the design if you would put the dnsdist (load balancer) 
> infront the origin DNS servers?
> I have two (2) internet facing authoritative DNS translated from my 
> firewall. Can I also do NAT on dnsdist
> while the origin dns servers will be on private IP address?

Short answer, yes.

Slightly longer answer, think of dnsdist more as a caching proxy/load 
balancer than as a router. So you'd set up dnsdist to listen for 
incoming queries and let dnsdist distribute the queries among backend 
servers depending on your preferred load balancing scheme. See also 
https://dnsdist.org/guides/serverselection.html

For redundancy you'll probably also want at least 2 dnsdist instances 
that can then sit in front of however many backends is required to 
handle the load.

Best regards,

Jacob

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20200123/c9b1506b/attachment.htm>


More information about the dnsdist mailing list