On Tue, Feb 16, 2016 at 11:55 PM, Zhi Chang <chang...@unitedstack.com> wrote: > DNS redirection is our customer's needs. Customer has their own CDN. They > want to save traffic in CDN so that they can cost less money. > So they let us hijack some domain names. We used dnsmasq "--cname" option to > satisfy their needs. So I think that maybe we can add > "cnames" into subnet's attributes.
So, you add a CNAME for something like mycdn.somedomain.com and send it somewhere local. Is that what you mean by hijack? Could you provide a contrived example of how one of these CNAMEs might look? Right now, you might be able to accomplish this by pointing dnsmasq to your own upstream DNS resolvers which have the CNAMEs. Or, do the CNAMEs need to be tenant/network specific? You could also bypass dnsmasq by setting the dns servers on the subnets to go to some external server. > BTW, I'm not quite understand about "--cname is limited to target names > known by dnsmasq itself". Could you give me some explanation about it? >From the dnsmasq man page: --cname=<cname>,<target> Return a CNAME record which indicates that <cname> is really <target>. There are significant limitations on the target; it must be a DNS name which is known to dnsmasq from /etc/hosts (or additional hosts files), from DHCP, from --interface-name or from another --cname. If the target does not satisfy this criteria, the whole cname is ignored. The cname must be unique, but it is permissable to have more than one cname pointing to the same target. Carl __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev