[Pdns-dev] PROXY v.1 support in PowerDNS recursor

bert hubert bert.hubert at powerdns.com
Mon Dec 10 20:15:13 UTC 2018


On Mon, Dec 10, 2018 at 11:47:49AM -0800, Angelo Ovidi wrote:
> in modern Cloud environment is now almost essential to support PROXY
> protocol version 1 (and 2) in order to bypass the limitation in terms of
> losing the source IP of a customer trough global balancers.

Hi Angelo,

Within DNS we use EDNS Client Subnet for this purpose generally. This means
using a load-balancer (like dnsdist) that can add the EDNS Client Subnet
option. We also have a better suited feature for this called XPF https://tools.ietf.org/id/draft-bellis-dnsop-xpf-04.html

> Is there any plan to have this support in PowerDNS recursor in order to
> have PowerDNS capable to grasp the original source IP of a customer?
> If not any suggestion if there is a way to use LUA scripting on the ipset
> chain to do that and pass to the resolver?

Which load balancers support 'PROXY protocol version 1'? Does Amazon support
this? Or other popular environments?

Do you have links? This could help us estimate if we should add this in
addition to EDNS Client Subnet.

Thanks!



More information about the Pdns-dev mailing list