[Pdns-users] [E] Re: Powerdns on AWS Instances

Frank Louwers frank+pdns at tembo.be
Wed Apr 28 08:22:33 UTC 2021 

While this will indeed work, please note that using dnsdist.org has huge advantages: a simple (dns-unaware) LB will LB the request, either round-robin or in a least-outstanding manner.

A dns-aware LB (such as dnsdist) will do this much more intelligently, which results in higher cache ration and improved performance. It will also enable you to do other things, like send suspicious queries to a specific instance, perform logging etc...

Kind Regards,

Frank

> On Apr 28, 2021, at 9:08 AM, Giovanni Vecchi via Pdns-users <pdns-users at mailman.powerdns.com> wrote:
> 
> Hi Chhavi,
> 
> I can confirm you can use AWS ELB (Network Load Balancer) in order to Load Balance DNS queries: I configured it too in our production environment.
> I created a single target group containing all the EC2 instances where rec is installed in order to balance 53/UDP port and 53/TCP is used for health checks.
> No problem for more than a year now.
> 
> On Wed, 28 Apr 2021 at 02:21, Chhavi Mittal via Pdns-users <pdns-users at mailman.powerdns.com <mailto:pdns-users at mailman.powerdns.com>> wrote:
> I have a lot of ALIAS records so I am using a recursor to resolve those to A records.
> I am using NATIVE domain "." with all the records pointing to it. So I have a local pdns and pdns-recursor on all instances and they all will be connecting to aws aurora db cluster to read data. 
> And since I have so many instances I would like to put them behind a load balancer and we use aws ec2 load balancer so if I can use aws instances then this becomes easy to setup.
> 
> Any issues you see in this approach please let me know.
> 
> Best,
> Chhavi
> 
> On Tue, Apr 27, 2021 at 3:54 PM Kevin P. Fleming <kevin at km6g.us <mailto:kevin at km6g.us>> wrote:
> If you use a 'Network Load Balancer' then you can use that to
> distribute UDP traffic to your instances, it appears, and then also
> set it up to distribute TCP traffic since your servers should support
> TCP too.
> 
> What is the reason you are using both PowerDNS Auth and Recursor on 32
> instances?
> 
> On Tue, Apr 27, 2021 at 6:34 PM Chhavi Mittal
> <chhavi.mittal at verizonmedia.com <mailto:chhavi.mittal at verizonmedia.com>> wrote:
> >
> > I have 32 instances in production and I might be adding more so definitely need the load balancer. That's why I am wondering if I can use aws instances.
> >
> >
> > On Tue, Apr 27, 2021 at 3:33 PM Kevin P. Fleming <kevin at km6g.us <mailto:kevin at km6g.us>> wrote:
> >>
> >> If you just have one instance, or a small number of instances, there's
> >> no real reason to use a load balancer.
> >>
> >> On Tue, Apr 27, 2021 at 4:06 PM Nico CARTRON via Pdns-users
> >> <pdns-users at mailman.powerdns.com <mailto:pdns-users at mailman.powerdns.com>> wrote:
> >> >
> >> > On 27-Apr-2021 21:17 CEST, <pdns-users at mailman.powerdns.com <mailto:pdns-users at mailman.powerdns.com>> wrote:
> >> >
> >> > > Hello,
> >> > >
> >> > > Is it possible to deploy powerdns on aws instances and have the instances
> >> > > run behind an ec2 load balancer?
> >> > > Any tips to set this up would be really helpful.
> >> > >
> >> > > My current design is a powerdns server and a pdns-recursor running on the
> >> > > same host (not aws) and I am using aws aurora mysql cluster as my backend
> >> > > with all the domains and records information. This setup is working as
> >> > > expected and I am able to resolve records that are saved in aurora sql db.
> >> > > Now I want to move pdns and pdns-recursor to aws instance so wondering what
> >> > > all issues I will face as I am not able to find any documentation about it.
> >> >
> >> > Sounds like a mission for dnsdist! (https://urldefense.proofpoint.com/v2/url?u=http-3A__www.dnsdist.org&d=DwIBaQ&c=sWW_bEwW_mLyN3Kx2v57Q8e-CRbmiT9yOhqES_g_wVY&r=zhXmtZOB8qouWS1ukhEyCOSrM390DVZ1dg-asUtrEKo&m=wOeR0G5rNn_yQWhpuAiddQh4cnx-MxZ6VZwexVoiX8c&s=xVbxtLkoQxjJty7DpaziKKeUN5Bu8OsPDo5hU6hcqrw&e= <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.dnsdist.org&d=DwIBaQ&c=sWW_bEwW_mLyN3Kx2v57Q8e-CRbmiT9yOhqES_g_wVY&r=zhXmtZOB8qouWS1ukhEyCOSrM390DVZ1dg-asUtrEKo&m=wOeR0G5rNn_yQWhpuAiddQh4cnx-MxZ6VZwexVoiX8c&s=xVbxtLkoQxjJty7DpaziKKeUN5Bu8OsPDo5hU6hcqrw&e=> )
> >> >
> >> >
> >> > --
> >> > Nico
> >> > _______________________________________________
> >> > Pdns-users mailing list
> >> > Pdns-users at mailman.powerdns.com <mailto:Pdns-users at mailman.powerdns.com>
> >> > https://urldefense.proofpoint.com/v2/url?u=https-3A__mailman.powerdns.com_mailman_listinfo_pdns-2Dusers&d=DwIBaQ&c=sWW_bEwW_mLyN3Kx2v57Q8e-CRbmiT9yOhqES_g_wVY&r=zhXmtZOB8qouWS1ukhEyCOSrM390DVZ1dg-asUtrEKo&m=wOeR0G5rNn_yQWhpuAiddQh4cnx-MxZ6VZwexVoiX8c&s=Sr_880ZFHY0VwWs80L9dBBlzn318SkqL1ZxqQXIGD_A&e= <https://urldefense.proofpoint.com/v2/url?u=https-3A__mailman.powerdns.com_mailman_listinfo_pdns-2Dusers&d=DwIBaQ&c=sWW_bEwW_mLyN3Kx2v57Q8e-CRbmiT9yOhqES_g_wVY&r=zhXmtZOB8qouWS1ukhEyCOSrM390DVZ1dg-asUtrEKo&m=wOeR0G5rNn_yQWhpuAiddQh4cnx-MxZ6VZwexVoiX8c&s=Sr_880ZFHY0VwWs80L9dBBlzn318SkqL1ZxqQXIGD_A&e=>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com <mailto:Pdns-users at mailman.powerdns.com>
> https://mailman.powerdns.com/mailman/listinfo/pdns-users <https://mailman.powerdns.com/mailman/listinfo/pdns-users>
> 
> 
> -- 
>  <http://www.certego.net/>	
> Giovanni Vecchi
> Infrastructure Lead Engineer, Certego
> +39-059-7353333 <tel:+39-059-7353333>
>  <http://www.linkedin.com/company/certego>  <http://twitter.com/Certego_IRT>  <http://github.com/certego>  <http://www.youtube.com/CERTEGOsrl>  <http://plus.google.com/117641917176532015312>
> Use of the information within this document constitutes acceptance for use in an "as is" condition. There are no warranties with regard to this information; Certego has verified the data as thoroughly as possible. Any use of this information lies within the user's responsibility. In no event shall Certego be liable for any consequences or damages, including direct, indirect, incidental, consequential, loss of business profits or special damages, arising out of or in connection with the use or spread of this information.
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20210428/06379bab/attachment.htm>

More information about the Pdns-users mailing list