Hello, If the issue is intermitting and can be mitigated by serving cached data, maybe you can configure your recursive servers to serve expired data.
On Thu, Feb 29, 2024 at 8:20 AM Affan Basalamah via dnsdist < dnsdist@mailman.powerdns.com> wrote: > Thanks for your response, > > May I add that it's not the authoritative DNS, but it's the ccTLD DNS > server (example like server for .com.country_names, .co.country_names, or > .net.country_names) > > There was a time when this DNS server was down, all of the traffic from > the country's local ISP (who's using their own DNS server) unable to > resolve the internet banking domain names, however the record usually still > cached on the public DNS server (e.g. Google). > > So there's no problem in IP connectivity from client to server, only > problem is DNS cannot be resolved, because ccTLD DNS server is down. > > On Thu, Feb 29, 2024 at 12:09 AM Nico Cartron <nico...@ncartron.org> > wrote: > >> >> > On 28 Feb 2024, at 14:26, Affan Basalamah via dnsdist < >> dnsdist@mailman.powerdns.com> wrote: >> > >> > >> > Hi, >> > >> > I'm responsible for managing DNS server for service providers, and they >> request that DNS server usually have some important domain from my country >> ccTLD that usually can't be resolved because of the their authoritative DNS >> was not reliable, and every user usually contacted the service provider, >> and they ask us to forward these domains to public DNS resolver (google, >> CF, etc) >> > >> > Usually it become repetitive & menial effort from our side, and I >> wonder how it's possible these logic can be achieved using DNSDist: >> > >> > - DNSDist is installed in front of provider DNS server, and create >> default pool for provider DNS server >> > - Create another pool for public DNS server (google, CF, Q9, etc) >> > - Can I create list of domain that usually problematic to be redirected >> to the public DNS pool? >> > - Can I create rules for these domains to be forwarded to the public >> DNS pool? >> > - Can I create health check for these rules to be activated (every 1 or >> 5 minutes, to check whether the authoritative DNS server for these domain >> is still alive), and if the authoritative server is down, the rules is >> activated, these domains is forwarded to public DNS pool >> > - After health check find out the authoritative DNS server is alive, >> the rule is disabled, the domain is resolved via the provider DNS >> > >> > >> > Sorry because I don't completely understand the capability of DNSdist, >> but I hope you can shed some light to me about this, and I hope DNSdist can >> solve this kind of problem. >> >> Hi, >> >> I don’t get how forwarding the request to a public DNS such as Cloudflare >> or Google would fix your issue, since you said that was the Authoritative >> servers responsible for those domains that had issues? > > > > -- > -affan > _______________________________________________ > dnsdist mailing list > dnsdist@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/dnsdist > -- Respectfully Mahdi A.
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
