[dnsdist] Matching DNS server IP in request
Aleš Rygl
ales at rygl.net
Tue May 21 09:27:31 UTC 2024
I would need to virtually split a single dnsdist instance in such a
way that clients sending requests to a particular IP of DNS dnsdist
(listening on multiple IPs) are sent to a dedicated pool. I could start
another dnsdist process bound to the secondary IP on the server but I
think there must be a more elegant way to do it ;-) It should work this
way:
>
> client1 ---> DNS req. to dnsdist IP1 ---> pool-A ---> cache-A --->
> backend A
> client2 ---> DNS req. to dnsdist IP2 ---> pool-B ---> cache-B --->
> backend B
>
> Is there a way to match a destination IP of the client's request
> in a rule in order to send it to a pool? I can not use client's IP here.
I have found a solution using NetmaskGroupRule. Let's define
destination IPs:
dns_vip1 = newNMG()
dns_vip1:addMask('192.168.1.1/32')
dns_vip2 = newNMG()
dns_vip2:addMask('192.168.2.1/32')
Let's define two servers and pools:
newServer({address="172.27.0.1:5053", name="dns-be1", order=1,
useProxyProtocol=true, pool="pool1" })
newServer({address="172.27.0.1:5053", name="dns-be2", order=1,
useProxyProtocol=true, pool="pool2" })
Cache:
cache1 = newPacketCache(50000, { keepStaleData=true, maxTTL=86400,
minTTL=0, numberOfShards=4, maxNegativeTTL=600, staleTTL=180 })
cache2 = newPacketCache(50000, { keepStaleData=true, maxTTL=86400,
minTTL=0, numberOfShards=4, maxNegativeTTL=600, staleTTL=180 })
getPool("pool1"):setCache(cache1)
getPool("pool2"):setCache(cache2)
And finally the rules:
addAction(NetmaskGroupRule(dns_vip1, false), PoolAction('pool1'))
addAction(NetmaskGroupRule(dns_vip2, false), PoolAction('pool2'))
Note: if you want to test this setup locally do not forget that it does
not process queries sent to loopback even if dnsdist is listening on it.
There is no rule for such a target...
I hope it can help someone.
Regards
Ales
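
The loopback note above generalizes: a query whose destination matches neither group is not sent to pool1 or pool2 and falls through to the default pool, which has no servers in this setup. The following is an added example, not part of the original post: it replaces the NMG and rule lines above (servers, pools and caches stay as posted) and gives unmatched destinations an explicit answer. The listener lines, the loopback mask and the REFUSED catch-all are assumptions made for illustration.

```lua
-- Added example, not from the original post.
-- Assumption: dnsdist listens on both VIPs from the post, plus loopback
-- for testing on the host itself.
addLocal('192.168.1.1:53')
addLocal('192.168.2.1:53')
addLocal('127.0.0.1:53')

dns_vip1 = newNMG()
dns_vip1:addMask('192.168.1.1/32')
-- Assumption: local test traffic should behave like traffic to VIP1.
-- Drop this line on a production host if loopback must not reach pool1.
dns_vip1:addMask('127.0.0.1/32')

dns_vip2 = newNMG()
dns_vip2:addMask('192.168.2.1/32')

-- Second argument false: match the destination address of the query
-- (the address dnsdist received it on), not the client's source address.
addAction(NetmaskGroupRule(dns_vip1, false), PoolAction('pool1'))
addAction(NetmaskGroupRule(dns_vip2, false), PoolAction('pool2'))

-- Catch-all, evaluated only when neither rule above matched: answer
-- REFUSED instead of letting the query reach the empty default pool.
-- This also covers any listener address added later without a rule.
addAction(AllRule(), RCodeAction(DNSRCode.REFUSED))
```

Rules are evaluated in the order they are added, so the catch-all has to stay last.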