On 27/02/2020 10.58, Jochen Demmer via dnsdist wrote:
In your example queries from internal network are being redirected to the pool that can answer those.
Exactly.
But those queries should go to different IPs. So you give out a set of IPs for recursion, another set of IPs for public auth zones and a third set of IPs for internal zones.addAction(AndRule({NetmaskGroupRule(internal_dns_ips, false), NetmaskGroupRule(internal_network)}), PoolAction('internal_auth_pool'))But queries from internal network do not neccessarily ask only for internal zones, they might as well need recursion or maybe even the public pool.
How can I handle that? Should the DNS server that the clients of the internal network use make the distinction between where normal recursive queries shall be sent to and where to send those who are private domains?
The clients should only talk to the recursive resolver, I guess? Best regards, Jacob P.S. Jochen, sorry for writing to you directly - I wanted to answer on-list.
_______________________________________________ dnsdist mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/dnsdist
