[dnsdist] How to force connect via TCP to downstream server?

Andrew Pogrebennyk andrew.nau.ua at gmail.com
Fri Sep 4 12:51:26 UTC 2020


Hi,
I am using dnsdist as load-balancer because I want specific types of
queries to be routed to different downstream servers. I have one specific
server that only responds on TCP (non-standard port) but it is immediately
marked as down because dnsdist is doing the healthcheck over UDP.

So in my example below Enum DNS is only reachable via TCP. Is there a way
to disable UDP to this server? I've added type = tcp under server, but it
does not make any difference.

I can't seem to find any documented switch in newServer() for that purpose
- any ideas why?

The config itself is pretty small and simple:

# cat /usr/local/etc/dnsdist.conf
setKey("2McKVlznAsk/Bv0KPdrW2GWBkTTrhN8TIqBkd9IIrG0=")
setConsoleACL("127.0.0.0/8")
controlSocket("127.0.0.1")

addLocal("0.0.0.0:53")

setServerPolicy(firstAvailable)

addAction( AndRule({ RegexRule("^([0-9]\\.){3,}"),
QTypeRule(DNSQType.NAPTR) }), PoolAction("ENUMPool") )
addAction( RegexRule("ims\\.mnc001\\.mcc001\\.3gppnetwork\\.org"),
PoolAction("InternalPool") )
addAction( AllRule(), PoolAction("ExternalPool") )



newServer({
    address = "8.8.8.8",
    name = "external_dns_1",
    pool = "ExternalPool",
    type = tcp,
})


newServer({
    address = "10.8.0.119",
    name = "internal_dns_1",
    pool = "InternalPool",
})


newServer({
    address = "10.8.0.118:1153",
    name = "enum_dns_1",
    pool = "ENUMPool",
    type = tcp,
})

 # dnsdist --version
dnsdist 1.4.0 (Lua 5.1.4 [LuaJIT 2.1.0-beta3])
Enabled features: ebpf libsodium recvmmsg/sendmmsg

It's running in docker based on alpine.
Thanks.

-- 
Regards,
Andrew
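
The failure mode described in the message above, as an added example that is not part of the original post and not dnsdist code: a UDP probe against a backend that listens only on TCP gets no answer, while the same query sent over TCP with the 2-byte length prefix does. The loopback backend, the helper names and the query name example.org are constructed for illustration.

```python
import socket, struct, threading

def build_query(name, qtype=1, txid=0x1234):
    """Minimal DNS query: 12-byte header plus one question, RD set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def recv_exact(sock, n):
    """Read exactly n bytes from a stream socket."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed early")
        buf += chunk
    return buf

def tcp_only_backend():
    """Constructed stand-in for a TCP-only server: one TCP reply, no UDP socket."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn:
            (length,) = struct.unpack("!H", recv_exact(conn, 2))
            query = recv_exact(conn, length)
            # Echo the question back with QR, RD and RA set (empty answer).
            reply = query[:2] + struct.pack("!H", 0x8180) + query[4:]
            conn.sendall(struct.pack("!H", len(reply)) + reply)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()

def probe(addr, transport, timeout=1.0):
    """True if a response with the matching ID and the QR bit comes back."""
    query = build_query("example.org")
    kind = socket.SOCK_STREAM if transport == "tcp" else socket.SOCK_DGRAM
    try:
        with socket.socket(socket.AF_INET, kind) as s:
            s.settimeout(timeout)
            s.connect(addr)
            if transport == "tcp":
                s.sendall(struct.pack("!H", len(query)) + query)  # length prefix
                (length,) = struct.unpack("!H", recv_exact(s, 2))
                reply = recv_exact(s, length)
            else:
                s.send(query)
                reply = s.recv(512)
    except OSError:  # timeout, or ICMP port unreachable on the UDP path
        return False
    return reply[:2] == query[:2] and bool(reply[2] & 0x80)
```

Pointing probe() at a real backend address and port with each transport in turn shows which one a health check would have to use.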