Hi,

I’ve tested this solution, all works as expected. I have only one problem. 
nproxy is running with these parameters :

        nproxy -v --chroot /tmp/ --setuid 108 --setgid 112 --listen-port 55 
--origin-address 10.0.0.1 --listen-address SlaveWANIP1 --listen-address 
SlaveWANIP2 --powerdns-address 10.0.0.11
        nproxy -v --chroot /tmp/ --setuid 108 --setgid 112 --listen-port 55 
--origin-address 10.0.0.1 --listen-address SlaveWANIP1 --listen-address 
SlaveWANIP2 --powerdns-address 10.0.0.12
        nproxy -v --chroot /tmp/ --setuid 108 --setgid 112 --listen-port 55 
--origin-address 10.0.0.1 --listen-address SlaveWANIP1 --listen-address 
SlaveWANIP2 --powerdns-address 10.0.0.13
        nproxy -v --chroot /tmp/ --setuid 108 --setgid 112 --listen-port 55 
--origin-address 10.0.0.1 --listen-address SlaveWANIP1 --listen-address 
SlaveWANIP2 --powerdns-address 10.0.0.14

when I set origin-address with my LB VIP(10.0.0.1) from LAN interface, pdns's 
behind LB thinks this is host from which it should do AXFR but this is LAN LB 
IP not Master IP. So I need master IP here but it could not be assigned because 
it’s in Internet public IP address of another server. Any suggestions how to 
solve this ?

This is my setup :

Master (MasterWANIP1 sends notify) -> Slave (SlaveWANIP1/SlaveWANIP2) LB 
running 4x nproxy (this proxy sends notify requests to LAN nodes) -> SLAVE 
PDNSs (pool of 4 nodes) (LAN IPs from range 10.0.0.0/24)

BR,
Martin

> On 27 Feb 2019, at 10:55, Martin Toth <snowmai...@gmail.com> wrote:
> 
> This is really cool idea, will test it today and let you know if it works.
> 
> Stay tuned!
> 
> BR. Martin
> 
>> On 27 Feb 2019, at 06:34, ab...@t-ipnet.net <mailto:ab...@t-ipnet.net> wrote:
>> 
>> 
>> 
>> Hello Martin,
>> 
>> Am 26. Februar 2019 17:07:25 MEZ schrieb Martin Toth <snowmai...@gmail.com 
>> <mailto:snowmai...@gmail.com>>:
>>> Hi,
>>> 
>>> Thanks for your interest. I am using dnsdist as a loadbalancer and
>>> slave nodes are in DMZ behind dnsdist. Only dnsdist server has public
>>> IPs that can be reached from Master public IP (master is located in
>>> other datacentre).
>>> Is my usecase not designed well? I thought dnsdist was designed to be
>>> used as LB for DNS services. Do you have any suggestions how to solve
>>> this or what workround should I use ?
>> 
>> Did not try it myself, but could be an option: 
>> https://doc.powerdns.com/authoritative/manpages/nproxy.1.html 
>> <https://doc.powerdns.com/authoritative/manpages/nproxy.1.html>
>> 
>>> 
>>> Thanks.
>>> 
>>> BR,
>>> 
>>>> On 26 Feb 2019, at 16:59, Remi Gacogne <remi.gaco...@powerdns.com 
>>>> <mailto:remi.gaco...@powerdns.com>>
>>> wrote:
>>>> 
>>>> Hi Martin,
>>>> 
>>>> On 2/26/19 3:58 PM, Martin Toth wrote:
>>>>> I just want to ensure myself how NOTIFY distribution in DNSDIST
>>>>> exactly works. My setup looks like this - MASTER -> DNSDIST -> SLAVE
>>>>> PDNSs (pool of 4 nodes)
>>>>> 
>>>>> My Question is if MASTER will send NOTIFY to DNSDIST, will DNSDIST
>>>>> redistribute these NOTIFY to all SLAVES in DNSDIST backend? How to I
>>>>> achieve situation that all slaves in dnsdist backend will be
>>> notified
>>>>> of zone change on MASTER?
>>>> 
>>>> I'm afraid you can't, dnsdist can route a query only to a single
>>>> backend, with the exception of the TeeAction, but I would advise
>>> against
>>>> trying to use it for that case.
>>>> Is there a reason your master doesn't speak to the slaves directly?
>>>> 
>>>> Best regards,
>>>> -- 
>>>> Remi Gacogne
>>>> PowerDNS.COM <http://powerdns.com/> BV - https://www.powerdns.com/ 
>>>> <https://www.powerdns.com/>
>> 
>> 
>> Winfried 
>> _______________________________________________
>> dnsdist mailing list
>> dnsdist@mailman.powerdns.com <mailto:dnsdist@mailman.powerdns.com>
>> https://mailman.powerdns.com/mailman/listinfo/dnsdist 
>> <https://mailman.powerdns.com/mailman/listinfo/dnsdist>

_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist

Reply via email to