[Pdns-users] Proxy mapped address used for allow-from

Robby Pedrica rpedrica at gmail.com
Fri Jan 20 15:48:31 UTC 2023


Hi all,

I'm not sure if this is a change in behaviour or I simply haven't noticed
this before but after upgrading my docker image today, I've seen queries
being dropped due to the mapped address in my proxy mappings being used for
allow-from rather than the src/original address. I use a private-public
address mapping in the proxy maps because I use the mapped public IP as
part of ecs/edns.

I've now set:

proxy-protocol-from=<mapped ip> (or should this be the src IP?)

but this doesn't appear to have changed anything and queries are still
being dropped.

Can anyone advise where I'm going wrong? I don't mind putting the mapped
(public) IP in allow-from but would prefer not to do it if not required.

Regards

-- 
Robby Pedrica

c: +27 82 416 8696
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20230120/bb922b70/attachment.htm>


More information about the Pdns-users mailing list