[dnsdist] How to force connect via TCP to downstream server?

Remi Gacogne remi.gacogne at powerdns.com
Fri Sep 4 13:00:09 UTC 2020


Hi Andrew,

On 9/4/20 2:51 PM, Andrew Pogrebennyk via dnsdist wrote:
> I am using dnsdist as load-balancer because I want specific types of
> queries to be routed to different downstream servers. I have one
> specific server that only responds on TCP (non-standard port) but it is
> immediately marked as down because dnsdist is doing the healthcheck over
> UDP.
> 
> So in my example below Enum DNS is only reachable via TCP. Is there a
> way to disable UDP to this server? I've added type = tcp under server,
> but it does not make any difference.
> 
> I can't seem to find any documented switch in newServer() for that
> purpose - any ideas why?

Unfortunately that feature doesn't exist, and I'm not sure it would make
sense to disable UDP in most cases. It would be nice to be able to do
the health checks over TCP, though, but that has not been implemented
yet either.
If you only care about TCP what you could do, however, is to disable the
health check for that backend:

tcpServ = newServer({
    address = "8.8.8.8",
    name = "external_dns_1",
    pool = "ExternalPool",
    type = tcp,
})
tcpServ:setUp()

Queries sent over TCP will then be forwarded over TCP. Queries received
over UDP will be sent over UDP, as usual, but if you only want TCP to
work that's fine.

Hope that helps,

-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20200904/c29d2bfd/attachment.sig>


More information about the dnsdist mailing list