[Pdns-users] Reply source address selection

Jaco Engelbrecht bje at serendipity.org.za
Mon Oct 8 08:57:22 UTC 2007


Hi,

I was wondering if there's any work underway, or if anyone has produced
a patch, that will allow PowerDNS to use the interface that a DNS
request came in on, as reply source address, instead of 1) letting the
system use the lowest-numbered interface IP address, or 2) specifying
the PowerDNS query-local-address configuration option.

A little bit more about my current PowerDNS implementation and problem
at hand -

* I currently have a PowerDNS setup and have already configured service
IPs (anycast IPs that can float between servers in different countries)
for my three authoritative servers.

* I'm now about to migrate an ISP (one of many) to this PowerDNS setup,
and was hoping to simply move the existing three service IP addresses in
use by this ISP over to my 3 PowerDNS servers.  We're doing this for
various reasons, such as VISP branding, ease of migration, etc.

Current setup looks like this:

 - 192.168.1.1 as my ethernet IP
 - 172.22.2.2 as my service IP for ISP1
 - and will now move 10.1.1.1 as a second service IP for ISP 2 to this
setup.

I'm making use of the query-local-address at the moment to source
replies from 172.22.2.2.  That works great with only one ISP on the
platform.

16:20:09.021676 IP 192.168.100.200.52966 > 172.22.2.2.53:  35026+ A? example.com. (27)
16:20:09.022688 IP 172.22.2.2.53 > 192.168.100.200.52966:  35026*- 1/0/0 A 127.0.0.1 (43)

But as soon as I move 10.1.1.1 to this setup, replies will be sourced
from 172.22.2.2, if a query was sent to 10.1.1.1.

16:20:17.413236 IP 192.168.100.200.52966 > 10.1.1.1.53:  9600+ A? example.com. (27)
16:20:17.413301 IP 172.22.2.2.53 > 192.168.100.200.52966:  9600*- 1/0/0 A 127.0.0.1 (43)
16:20:22.414508 IP 192.168.100.200.52966 > 10.1.1.1.53:  9600+ A? example.com. (27)
16:20:22.414554 IP 172.22.2.2.53 > 192.168.100.200.52966:  9600*- 1/0/0 A 127.0.0.1 (43)
16:20:27.418515 IP 192.168.100.200.52966 > 10.1.1.1.53:  9600+ A? example.com. (27)
16:20:27.418569 IP 172.22.2.2.53 > 192.168.100.200.52966:  9600*- 1/0/0 A 127.0.0.1 (43)

Has anyone evaluated what's involved with changing the PowerDNS code to
make this work?  Is there anyone else out there that'd be interested in
this functionality?  Any particular reason why this wasn't implemented yet?

Thanks,
Jaco

--
bje at serendipity.org.za
the faculty of making fortunate discoveries
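
A check for the symptom shown in the capture above, as an added example that is not part of the original post: it pairs each DNS reply with its query (client address, client port, DNS ID) and reports replies whose source address differs from the address that was queried. The function name and the one-line tcpdump layout are assumptions; the sample lines are the post's capture with wrapped lines rejoined.

```python
import re

# One-line tcpdump form assumed: "time IP src.sport > dst.dport:  id[flags] rest"
LINE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+):\s+"
    r"(?P<id>\d+)(?P<flags>[^\s\d]*) (?P<rest>.*)$"
)
QUERY = re.compile(r"^\w+\? ")        # e.g. "A? example.com."
REPLY = re.compile(r"^\d+/\d+/\d+ ")  # e.g. "1/0/0 A 127.0.0.1"

# Lines from the capture in the post, wrapped lines rejoined.
SAMPLE = """\
16:20:09.021676 IP 192.168.100.200.52966 > 172.22.2.2.53:  35026+ A? example.com. (27)
16:20:09.022688 IP 172.22.2.2.53 > 192.168.100.200.52966:  35026*- 1/0/0 A 127.0.0.1 (43)
16:20:17.413236 IP 192.168.100.200.52966 > 10.1.1.1.53:  9600+ A? example.com. (27)
16:20:17.413301 IP 172.22.2.2.53 > 192.168.100.200.52966:  9600*- 1/0/0 A 127.0.0.1 (43)
16:20:22.414508 IP 192.168.100.200.52966 > 10.1.1.1.53:  9600+ A? example.com. (27)
16:20:22.414554 IP 172.22.2.2.53 > 192.168.100.200.52966:  9600*- 1/0/0 A 127.0.0.1 (43)
16:20:27.418515 IP 192.168.100.200.52966 > 10.1.1.1.53:  9600+ A? example.com. (27)
16:20:27.418569 IP 172.22.2.2.53 > 192.168.100.200.52966:  9600*- 1/0/0 A 127.0.0.1 (43)
""".splitlines()


def find_mismatched_replies(lines, dns_port=53):
    """Return (time, dns_id, queried_addr, reply_src) for each reply whose
    source address is not the address the matching query was sent to."""
    port = str(dns_port)
    pending = {}   # (client_ip, client_port, dns_id) -> address that was queried
    findings = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not a line in the assumed format
        if m["dport"] == port and QUERY.match(m["rest"]):
            # Retransmissions reuse the same key and simply overwrite it.
            pending[(m["src"], m["sport"], m["id"])] = m["dst"]
        elif m["sport"] == port and REPLY.match(m["rest"]):
            queried = pending.get((m["dst"], m["dport"], m["id"]))
            if queried is not None and queried != m["src"]:
                findings.append((m["ts"], m["id"], queried, m["src"]))
    return findings


if __name__ == "__main__":
    for ts, dns_id, queried, src in find_mismatched_replies(SAMPLE):
        print(f"{ts} id={dns_id}: queried {queried}, reply came from {src}")
```
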

