[dnsdist] Per-domain cache and CNAME records
Carlo Rengo
info at carlorengo.it
Tue Apr 5 14:20:42 UTC 2022
Hello everyone,
I have a PowerDNS Authoritative server, where some domains starting with a
specific pattern end up in a "pipe" backend (instead of going to the main,
MySQL-powered backend). The pipe command returns a different result based
on some conditions, so I found myself forced to disable the cache globally.
Given that I want to put dnsdist in front of PowerDNS Authoritative (for
various reasons) I was thinking to create two pools pointing to the same
backend server, associate a packet cache only to one of them, then send the
"pattern" queries to the non-cached backend. So I made this:
newServer({address='127.0.0.1:5301'})
newServer({address='127.0.0.1:5301', pool="noCache"})
pc = newPacketCache(20000000, {maxTTL=86400, minTTL=0,
temporaryFailureTTL=60, staleTTL=3600, dontAge=false})
getPool(""):setCache(pc)
special_domains = newSuffixMatchNode()
special_domains:add(newDNSName("pattern-a.mydomain.com."))
special_domains:add(newDNSName("pattern-b.mydomain.com."))
addAction(SuffixMatchNodeRule(special_domains), PoolAction("noCache"))
which works perfectly, but there's a catch. We have plenty of records
outside of those patterns that are CNAMEs to those patterns, i.e. "
www.mydomain.com" is a CNAME for "www.pattern-a.mydomain.com". Therefore,
queries like these end up being cached, which is not what I want to achieve.
Is there anything I can do to avoid that?
Thanks,
Carlo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20220405/39ce131b/attachment.htm>
More information about the dnsdist
mailing list