Thanks for your response, May I add that it's not the authoritative DNS, but it's the ccTLD DNS server (example like server for .com.country_names, .co.country_names, or .net.country_names)
There was a time when this DNS server was down, all of the traffic from the country's local ISP (who's using their own DNS server) unable to resolve the internet banking domain names, however the record usually still cached on the public DNS server (e.g. Google). So there's no problem in IP connectivity from client to server, only problem is DNS cannot be resolved, because ccTLD DNS server is down. On Thu, Feb 29, 2024 at 12:09 AM Nico Cartron <nico...@ncartron.org> wrote: > > > On 28 Feb 2024, at 14:26, Affan Basalamah via dnsdist < > dnsdist@mailman.powerdns.com> wrote: > > > > > > Hi, > > > > I'm responsible for managing DNS server for service providers, and they > request that DNS server usually have some important domain from my country > ccTLD that usually can't be resolved because of the their authoritative DNS > was not reliable, and every user usually contacted the service provider, > and they ask us to forward these domains to public DNS resolver (google, > CF, etc) > > > > Usually it become repetitive & menial effort from our side, and I wonder > how it's possible these logic can be achieved using DNSDist: > > > > - DNSDist is installed in front of provider DNS server, and create > default pool for provider DNS server > > - Create another pool for public DNS server (google, CF, Q9, etc) > > - Can I create list of domain that usually problematic to be redirected > to the public DNS pool? > > - Can I create rules for these domains to be forwarded to the public DNS > pool? > > - Can I create health check for these rules to be activated (every 1 or > 5 minutes, to check whether the authoritative DNS server for these domain > is still alive), and if the authoritative server is down, the rules is > activated, these domains is forwarded to public DNS pool > > - After health check find out the authoritative DNS server is alive, the > rule is disabled, the domain is resolved via the provider DNS > > > > > > Sorry because I don't completely understand the capability of DNSdist, > but I hope you can shed some light to me about this, and I hope DNSdist can > solve this kind of problem. > > Hi, > > I don’t get how forwarding the request to a public DNS such as Cloudflare > or Google would fix your issue, since you said that was the Authoritative > servers responsible for those domains that had issues? -- -affan
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
