Thanks Mahdi for the reply, Looking at it, I'll ask my client whether serving the stale data in recursive DNS will solve the problem.
-affan On Thu, Feb 29, 2024 at 1:35 PM Mahdi Adnan <ma...@sysmin.io> wrote: > Hello, > > If the issue is intermitting and can be mitigated by serving cached data, > maybe you can configure your recursive servers to serve expired data. > > On Thu, Feb 29, 2024 at 8:20 AM Affan Basalamah via dnsdist < > dnsdist@mailman.powerdns.com> wrote: > >> Thanks for your response, >> >> May I add that it's not the authoritative DNS, but it's the ccTLD DNS >> server (example like server for .com.country_names, .co.country_names, or >> .net.country_names) >> >> There was a time when this DNS server was down, all of the traffic from >> the country's local ISP (who's using their own DNS server) unable to >> resolve the internet banking domain names, however the record usually still >> cached on the public DNS server (e.g. Google). >> >> So there's no problem in IP connectivity from client to server, only >> problem is DNS cannot be resolved, because ccTLD DNS server is down. >> >> On Thu, Feb 29, 2024 at 12:09 AM Nico Cartron <nico...@ncartron.org> >> wrote: >> >>> >>> > On 28 Feb 2024, at 14:26, Affan Basalamah via dnsdist < >>> dnsdist@mailman.powerdns.com> wrote: >>> > >>> > >>> > Hi, >>> > >>> > I'm responsible for managing DNS server for service providers, and >>> they request that DNS server usually have some important domain from my >>> country ccTLD that usually can't be resolved because of the their >>> authoritative DNS was not reliable, and every user usually contacted the >>> service provider, and they ask us to forward these domains to public DNS >>> resolver (google, CF, etc) >>> > >>> > Usually it become repetitive & menial effort from our side, and I >>> wonder how it's possible these logic can be achieved using DNSDist: >>> > >>> > - DNSDist is installed in front of provider DNS server, and create >>> default pool for provider DNS server >>> > - Create another pool for public DNS server (google, CF, Q9, etc) >>> > - Can I create list of domain that usually problematic to be >>> redirected to the public DNS pool? >>> > - Can I create rules for these domains to be forwarded to the public >>> DNS pool? >>> > - Can I create health check for these rules to be activated (every 1 >>> or 5 minutes, to check whether the authoritative DNS server for these >>> domain is still alive), and if the authoritative server is down, the rules >>> is activated, these domains is forwarded to public DNS pool >>> > - After health check find out the authoritative DNS server is alive, >>> the rule is disabled, the domain is resolved via the provider DNS >>> > >>> > >>> > Sorry because I don't completely understand the capability of DNSdist, >>> but I hope you can shed some light to me about this, and I hope DNSdist can >>> solve this kind of problem. >>> >>> Hi, >>> >>> I don’t get how forwarding the request to a public DNS such as >>> Cloudflare or Google would fix your issue, since you said that was the >>> Authoritative servers responsible for those domains that had issues? >> >> >> >> -- >> -affan >> _______________________________________________ >> dnsdist mailing list >> dnsdist@mailman.powerdns.com >> https://mailman.powerdns.com/mailman/listinfo/dnsdist >> > > > -- > Respectfully > Mahdi A. > -- -affan
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
