[dnsdist] How to pass source IP to the next DNS (Adguard Home)
Michel Otte
michel at cybox.nl
Thu Nov 13 07:48:43 UTC 2025
Hi Alexis,
dnsdist supports both the PROXY protocol via `useProxyProtocol` parameter
and the X-Forwarded-For, X-Forwarded-Port and X-Forwarded-Proto headers via
the `addXForwardedHeaders` parameter, both of which you can enable via
newServer: [1].
AdGuard currently does not support the PROXY protocol: [2], [3]. But
according to this issue it does support the X-Forwarded-For header. The
latter obviously only works if the connection to the backend is made via
HTTP(S), so you should be using a DoH backend connection to AdGuard Home to
make it work.
[1]: https://www.dnsdist.org/reference/config.html#newServer
[2]: https://github.com/AdguardTeam/AdGuardHome/issues/5694
[3]: https://github.com/AdguardTeam/AdGuardHome/issues/2798
With kind regards,
Michel Otte
My setup is a dnsdist server load balancing traffic to two adguard home,
> the last issue I face is that right now the dnstdist does not pass through
> the source IP which I’d like to see on Adguard for filtering.
> Is there an easy way to do that?
> Does someone have a simlar setup that works?
> Thank you
> Alexis
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20251113/221cc706/attachment.htm>
More information about the dnsdist
mailing list