[Pdns-users] allow-from and recursion
Aki Tuomi
cmouse at cmouse.fi
Sun Aug 5 15:13:23 UTC 2018
dnsdist can be setup rather simple as well.
You can basically use https://doc.powerdns.com/authoritative/guides/recursion.html, which does not feel too complicated.
Aki
> On August 5, 2018 at 5:07 PM Sergio Cesar <sergio at winc.net> wrote:
>
>
> Thank you for the reply,
>
> My setup is very simple, found little help in configuring dnsdist that
> looks so complicated and one more thing to go wrong. Like killing a fly
> with a cannon.
>
> We have just one server ns1 replicating to a second ns2 via direct mysql
> replication.
>
> Perhaps you have a simple configuration example for all 3 pdns,
> pdns-recursor and dnsdist, I can use for a simple setup like mine. We
> do have ipv4 and ipv6 addresses for our servers.
>
> Thanks again.
>
> Sergio
>
>
>
> On 08/05/2018 08:37 AM, Aki Tuomi wrote:
> > On Sat, Aug 04, 2018 at 07:01:36PM -0500, Sergio Cesar wrote:
> >> Installed PDNS 4.1.3 on a ubuntu 18.04.
> >>
> >> I have try to follow
> >> https://doc.powerdns.com/authoritative/guides/recursion.html setting up
> >> scenario 1:
> >>
> >> Any address I enter in "allow-from" is able to query the server and
> >> recursion works ok, but no other query from the Internet is successful
> >> unless I add 0.0.0.0/0 unfortunately this is not acceptable to have a
> >> fully open server to the Internet.
> >>
> >> In bind we have "allow-recursion" and a list of all the addresses the
> >> server will respond to and still respond to any query to domains itself
> >> hosts .
> >>
> >> How can I configure pdns and pdns-recursor to respond to queries from
> >> anyone to the authoritative server but only recurse to the allowed list?
> >> without having an open dns on the Internet?
> >>
> >> Thanks.
> >>
> > You use dnsdist for this.
> >
> > Aki Tuomi
>
More information about the Pdns-users
mailing list