[Pdns-dev] (no subject)

Burak Ozalp burak.ozalp at metu.edu.tr
Tue Aug 25 13:52:33 CEST 2015 

Dear Bert;

Firstly, thanks a lot for fast and illustrative replies. i learned a  
lot of things. But i have a problem again :(
I change the dnsdistconf.lua file blockfilter() function as:
function blockFilter(remote, qname, qtype, dh)

      print("any query, tc=1")
      dh:setTC(true)
	 dh:setQR(true)

	 if(qname:isPartOf(block))
	 then
		print("Blocking *.powerdns.org")
		return true
	 end
	 return false
end

then i did re-installation and run dnsdist. However, nothing is changed..




Alinti bert hubert <bert.hubert at powerdns.com>

> sent from the wrong account first, sorry.
>
>> Begin forwarded message:
>>
>> Subject: Re: [Pdns-dev] How to set PowerDNS Server with option any-to-tcp
>> From: bert hubert <bert.hubert at netherlabs.nl>
>> Date: 25 Aug 2015 12:39:05 CEST
>> Cc: Aki Tuomi <cmouse at youzen.ext.b2.fi>, pdns-dev at mailman.powerdns.com
>> To: Burak Ozalp <burak.ozalp at metu.edu.tr>
>>
>>
>>> On 25 Aug 2015, at 12:24, Burak Ozalp <burak.ozalp at metu.edu.tr> wrote:
>>>
>>> Thanks Bert,
>>>
>>> I installed dnsdist. with addAnyTCRule() i can easily do pdns  
>>> any-to-tcp(). However, i couldn't manage to do for all types of  
>>> queries. Should I patch the conf file ?
>>
>>
>> Hi Burak,
>>
>> Try:
>>
>> "The blockFilter() also gets passed read/writable copy of the DNS  
>> Header. If you invoke setQR(1) on that, dnsdist knows you turned  
>> the packet into a response, and will send the answer directly to  
>> the original client.
>>
>> If you also called setTC(1), this will tell the remote client to  
>> move to TCP/IP, and in this way you can implement ANY-to-TCP even  
>> for downstream servers that lack this feature.?
>>
>> See:  
>> https://github.com/PowerDNS/pdns/blob/master/pdns/README-dnsdist.md#any-or-whatever-to-tc
>>
>>
>> just call setQR(1) and setTC(1) on the header field of  
>> blockFilter() and you are done.
>>
>> Good luck!
>>
>>
>>
>>>
>>> Best Regards
>>> Burak Ozalp
>>>
>>> Alinti bert hubert <bert.hubert at powerdns.com>
>>>
>>>> Hi Burak,
>>>>
>>>> dnsdist can do this easily, please see http://dnsdist.org/ for  
>>>> more details.
>>>> It can set TC on any criterium.
>>>>
>>>> Good luck!
>>>>
>>>> 	Bert
>>>>
>>>> On Tue, Aug 25, 2015 at 09:59:12AM +0300, Burak Ozalp wrote:
>>>>> Dear Tuomi,
>>>>>
>>>>> Yes it works.Does it possible to force all UDP request with
>>>>> truncated packet, and force all to use TCP ?
>>>>>
>>>>> Best Regards
>>>>> Burak Ozalp
>>>>>
>>>>>
>>>>>
>>>>> Alinti Aki Tuomi <cmouse at youzen.ext.b2.fi>
>>>>>
>>>>>> On Mon, Aug 24, 2015 at 03:36:02PM +0300, Burak Ozalp wrote:
>>>>>>> I install PowerDNS with MySql backend from here.I would like to set
>>>>>>> any-to-tcp=yes for PowerDNS Server. I tried to configure
>>>>>>> /etc/powerdns/pdns.conf file and add a line "any-to-tcp=yes". This
>>>>>>> option should reject UDP request from client and force to use tcp.
>>>>>>> But when i run dig @127.0.0.1 it doesn't set the truncated bit in
>>>>>>> response, so it doesn't work.
>>>>>>>
>>>>>>> How to set correctly any-to-tcp option ?
>>>>>>>
>>>>>>
>>>>>> It only truncates ANY query, try dig any domain.com @localhost
>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Pdns-dev mailing list
>>>>>>> Pdns-dev at mailman.powerdns.com
>>>>>>> http://mailman.powerdns.com/mailman/listinfo/pdns-dev
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Pdns-dev mailing list
>>>>> Pdns-dev at mailman.powerdns.com
>>>>> http://mailman.powerdns.com/mailman/listinfo/pdns-dev
>>>>>
>>>>
>>>
>>>
>>>
>>>
>>
>
>

More information about the Pdns-dev mailing list