Hi,
> On 17 Apr 2024, at 08:52, Jacob Bunk Nielsen via dnsdist
> <dnsdist@mailman.powerdns.com> wrote:
>
> Andreas Wili via dnsdist <dnsdist@mailman.powerdns.com> writes:
>
>> Now, there are two servers on the network for which all DNS queries must
>> not be cached.
>
> Ahh, then you just do:
>
> no_cache_ips = newNMG()
>
> -- IPs of servers that shouldn't use the cache
> no_cache_ips:addMask('192.0.2.1/32')
> no_cache_ips:addMask('192.0.2.8/32')
>
> addAction(NetmaskGroupRule(no_cache_ips, true), SetSkipCacheAction())Slightly OT, I wonder if it would be possible to reverse the suggested solution, to cache only queries from specific IPs and skip the caching "for the rest” ? The reason for asking is that we have some external resolvers / NAT:ed clients that use our resolvers, and instead of using a excludeRange() to completely ignore those IPs, I’d rather would like to give them less restrictive DynBlock rules in some way. (I interpreted that the DynBlockRulesGroup rules for queries that hit the cache doesn’t add to the counter(s)? Or has that changed in the recent versions? (https://dnsdist.org/reference/config.html#DynBlockRulesGroup)) Re, /P
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist
