I've already configured ECS, as you can suggested, in my existing configuration, but that's not working
*Larry G. Wapnitsky* *E: la...@wapnitsky.com* *Web: Larry.Wapnitsky.com <http://larry.wapnitsky.com/>* On Sat, Jun 3, 2023 at 3:00 AM Larry Wapnitsky <la...@wapnitsky.com> wrote: > I'm using dnsdist to route my clients based on subnet as to whether or not > they should be using my pihole server for adblocking. Overall, this works > great, but I"m noticing that pihole groups all queries by client to a > single MAC address, that of the dnsdist server. Is there a way to break > this out before it goes to the pihole server? > > My dnsdist config: > > setLocal('10.150.33.102') > addLocal('[2001:470:e1eb:33::102]:53') > > > webserver("10.150.33.102:8083") > setWebserverConfig({acl="10.150.0.0/8"}) > setWebserverConfig({password='$scrypt$ln=10,p=1,r=***='}) > > addACL('10.150.0.0/8') > addACL('2001:470:e1eb::0/48') > > setECSOverride(true) > setECSSourcePrefixV4(32) > > newServer({address="10.150.33.5", name="ns1", pool="default", qps=1, > useClientSubnet=true}) > newServer({address="10.150.33.6", name="ns2", qps=1, pool="default", > useClientSubnet=true}) > newServer({address="10.150.33.7", name="ns3", pool="default", qps=1, > useClientSubnet=true}) > > > newServer({address="10.150.33.15", name="ns1_auth", pool="auth", > checkName="wapnet.local.lan"}) > newServer({address="2001:470:#", name="ns1_auth", pool="auth", > checkName="wapnet.local.lan"}) > newServer({address="10.150.33.16", name="ns2_auth", pool="auth", > checkName="wapnet.local.lan"}) > > newServer({address="2001:470:#", name="ns1_auth", pool="auth", > checkName="wapnet.local.lan"}) > newServer({address="10.150.33.17", name="ns3_auth", pool="auth", > checkName="wapnet.local.lan"}) > newServer({address="2001:470:#", name="ns1_auth", pool="auth", > checkName="wapnet.local.lan"}) > > newServer({address="10.150.33.3:53", name="pihole", pool="pihole", > useClientSubnet=true,checkInterval=3600}) > > adblock_ips=newNMG() > adblock_ips:addMask('10.150.222.0/24') > adblock_ips:addMask('10.150.12.0/24') > adblock_ips:addMask('10.150.11.0/24') > adblock_ips:addMask('10.150.66.0/24') > adblock_ips:addMask('2001:470:e1eb:66::/64') > adblock_ips:addMask('10.150.100.0/24') > adblock_ips:addMask('2001:470:e1eb:100::/64') > adblock_ips:addMask('10.150.99.0/24') > adblock_ips:addMask('10.150.33.1/32') > adblock_ips:addMask('10.150.33.211/32') > adblock_ips:addMask('10.150.33.212/32') > addAction(NetmaskGroupRule(adblock_ips), PoolAction('pihole')) > > > > addAction({'wapnet.local.lan'}, PoolAction("auth")) > > > addAction(AllRule(), PoolAction('default')) > > -- setServerPolicy(firstAvailable) > setServerPolicy(whashed) > > > > *Larry G. Wapnitsky* > > > *E: la...@wapnitsky.com* > *Web: Larry.Wapnitsky.com <http://larry.wapnitsky.com/>* > > > > >
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
