Re: [dnsdist] Enabling cache for certain sources?

Sun, 21 Apr 2024 12:40:18 -0700 

Thanks,

Perhaps that’s a better solution to have multiple groups to be able to increase 
all limits

Re,
/P

> On 19 Apr 2024, at 14:31, Frank Louwers <fr...@tembo.be> wrote:
> 
> There's a typo in my earlier message:
> 
> 
>> dbr_regular:excludeRange("192.0.2.0/24") -- all but this cidr
>> 
>> dbr_relaxed:excludeRange("0/0") -- first remove them all
>> dbr_regular:includeRange("192.0.2.0/24") -- all but this cidr
>> 
> 
> 
> should have been:
> 
> dbr_regular:excludeRange("192.0.2.0/24") -- all but this cidr
> 
> dbr_relaxed:excludeRange("0/0") -- first remove them all
> dbr_relaxed:includeRange("192.0.2.0/24") -- all but this cidr
> 
> 
>> 
>> Frank Louwers
>> PowerDNS Certified Consultant @ Kiwazo.be
>> 
>> 
>> 
>> 
>> 
>>> On 19 Apr 2024, at 14:22, Fredrik Pettai via dnsdist 
>>> <dnsdist@mailman.powerdns.com> wrote:
>>> 
>>> Hi,
>>> 
>>>> On 17 Apr 2024, at 08:52, Jacob Bunk Nielsen via dnsdist 
>>>> <dnsdist@mailman.powerdns.com> wrote:
>>>> 
>>>> Andreas Wili via dnsdist <dnsdist@mailman.powerdns.com> writes:
>>>> 
>>>>> Now, there are two servers on the network for which all DNS queries must
>>>>> not be cached.
>>>> 
>>>> Ahh, then you just do:
>>>> 
>>>> no_cache_ips = newNMG()
>>>> 
>>>> -- IPs of servers that shouldn't use the cache
>>>> no_cache_ips:addMask('192.0.2.1/32')
>>>> no_cache_ips:addMask('192.0.2.8/32')
>>>> 
>>>> addAction(NetmaskGroupRule(no_cache_ips, true), SetSkipCacheAction())
>>> 
>>> 
>>> Slightly OT, I wonder if it would be possible to reverse the suggested 
>>> solution,
>>> to cache only queries from specific IPs and skip the caching "for the rest” 
>>> ?
>>> 
>>> The reason for asking is that we have some external resolvers / NAT:ed 
>>> clients that use our resolvers,
>>> and instead of using a excludeRange() to completely ignore those IPs, I’d 
>>> rather would like to give
>>> them less restrictive DynBlock rules in some way.
>>> 
>>> (I interpreted that the DynBlockRulesGroup rules for queries that hit the 
>>> cache doesn’t add to the counter(s)?
>>> Or has that changed in the recent versions? 
>>> (https://dnsdist.org/reference/config.html#DynBlockRulesGroup))
>>> 
>>> Re,
>>> /P
>>> _______________________________________________
>>> dnsdist mailing list
>>> dnsdist@mailman.powerdns.com
>>> https://mailman.powerdns.com/mailman/listinfo/dnsdist
>> 
>

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
dnsdist mailing list
dnsdist@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/dnsdist

Reply via email to