[dnsdist] Rule for lowering the TTL for a specific qname with qtype TXT
Tom
lists at verreckte-cheib.ch
Tue Sep 23 15:10:42 UTC 2025
Hi Otto
I was able to do this with addResponseAction like this:
addResponseAction(
AndRule({
RegexRule("^_acme-challenge\\."),
QTypeRule(DNSQType.TXT),
RCodeRule(DNSRCode.NXDOMAIN)
}),
LimitTTLResponseAction(10,10,{6})
)
Thanks for giving me the right hint,
Tom
On 9/23/25 07:40, Otto Moerbeek via dnsdist wrote:
> Hello
>
> and AndRule is one possible approach, but if you use a packet cache,
> you can also set maxNegativeTTL. This TTL will be used then for all
> NXDomain or NoData answers.
> See https://www.dnsdist.org/reference/config.html#packetcache
>
> And AndRule would look like
>
> addResponseAction(AndRule{...}, ...)
>
> -Otto
>
> On Tue, Sep 23, 2025 at 07:14:36AM +0200, Tom via dnsdist wrote:
>
>> Hi list
>>
>> I'm struggling with implementing the following dnsdist rule/behavior:
>> If...
>> a) qname starts with "_acme-challenge" AND
>> b) qtype is TXT AND
>> c) RCODE is NXDOMAIN
>> then
>> lower the response TTL to 30s.
>>
>> What's the best way to achieve this? With a LUA rule or perhaps with
>> "addAction(AndRule..."?
>>
>> Thanks in advance for any hints.
>> Tom
>> _______________________________________________
>> dnsdist mailing list
>> dnsdist at mailman.powerdns.com
>> https://mailman.powerdns.com/mailman/listinfo/dnsdist
> _______________________________________________
> dnsdist mailing list
> dnsdist at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/dnsdist
More information about the dnsdist
mailing list