[dnsdist] [EXT] Re: Is the sub-path of a DoH query passed to the backend?

Remi Gacogne remi.gacogne at powerdns.com
Thu May 20 04:41:50 UTC 2021

Hi Suresh,

On 5/20/21 12:05 AM, Suresh Gunasekaran wrote:
> 1. Is there a way to run a custom script either before a DoH query is 
> sent to the backend server or after a response was received from the 
> backend? And can this script have access to the sub-path?

That can be done using a LuaAction [1] and the HTTP-related accessors of 
the DNSQuestion object, in your case getHTTPPath() [2], I believe.

> 2. If the incoming request had a custom value in the Forwarded (or 
> X-Forwarded-For) header will that information be sent to the backend 
> server? The documentation talks about support for X-Proxied-For header 
> via the addXPF parameter. Is that same as X-Forwarded-For?

No, XPF is a very different thing, see [3]. The trustForwardedForHeader 
[4] parameter of the addDOHLocal() directive might be what you are 
looking for, since it tells dnsdist to trust the X-Forwarded-For header 
present in the query and use that as source client IP.

[1]: https://dnsdist.org/advanced/luaaction.html
[2]: https://dnsdist.org/reference/dq.html#DNSQuestion:getHTTPPath
[3]: https://dnsdist.org/advanced/passing-source-address.html#x-proxied-for

Best regards,
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

More information about the dnsdist mailing list