[Pdns-users] Announcing: DNS over HTTPS on doh.powerdns.org
Daniel Stirnimann
daniel.stirnimann at switch.ch
Mon Aug 27 07:44:41 UTC 2018
On 25.08.18 12:23, sthaug at nethelp.no wrote:
> Currently happily using PowerDNS Recursor (4.1.3) on 5 servers in an
> anycast configuration. Currently *not* using dnsdist (because it's
> not obvious to me why I need it, and it's one more moving part that
> could potentially break).
What if you have a few bad users which hammer one of the PowerDNS
Recursor servers? It will surely degrade service quality for all users
which are routed to this same server. I found that I can more easy
distribute or filter the load using dnsdist.
How do you monitor the correct working of a PowerDNS Recursor? At what
point do you decide to stop an anycast announcement for a server? I
found that our service is more stable when using dnsdist with multiple
backend resolvers during network stability issues.
Or to put it in numbers. In our old setup without dnsdist we had 1 or 2
events per year with short regional service degradation. Since using
dnsdist in early 2016 there have been none.
Daniel
More information about the Pdns-users
mailing list