Dear Bert;

Firstly, thanks a lot for the fast and illustrative replies. I learned a lot of things. But I have a problem again :(
I changed the blockFilter() function in the dnsdistconf.lua file to:
function blockFilter(remote, qname, qtype, dh)

    print("any query, tc=1")
    dh:setTC(true)
    dh:setQR(true)

    if(qname:isPartOf(block))
    then
        print("Blocking *.powerdns.org")
        return true
    end
    return false
end

Then I did a re-installation and ran dnsdist. However, nothing changed.




Quoting bert hubert <bert.hub...@powerdns.com>

sent from the wrong account first, sorry.

Begin forwarded message:

Subject: Re: [Pdns-dev] How to set PowerDNS Server with option any-to-tcp
From: bert hubert <bert.hub...@netherlabs.nl>
Date: 25 Aug 2015 12:39:05 CEST
Cc: Aki Tuomi <cmo...@youzen.ext.b2.fi>, pdns-dev@mailman.powerdns.com
To: Burak Ozalp <burak.oz...@metu.edu.tr>


On 25 Aug 2015, at 12:24, Burak Ozalp <burak.oz...@metu.edu.tr> wrote:

Thanks Bert,

I installed dnsdist. With addAnyTCRule() I can easily do pdns any-to-tcp(). However, I couldn't manage to do it for all types of queries. Should I patch the conf file?


Hi Burak,

Try:

"The blockFilter() also gets passed read/writable copy of the DNS Header. If you invoke setQR(1) on that, dnsdist knows you turned the packet into a response, and will send the answer directly to the original client.

If you also called setTC(1), this will tell the remote client to move to TCP/IP, and in this way you can implement ANY-to-TCP even for downstream servers that lack this feature."

See: https://github.com/PowerDNS/pdns/blob/master/pdns/README-dnsdist.md#any-or-whatever-to-tc


just call setQR(1) and setTC(1) on the header field of blockFilter() and you are done.

Good luck!




Best Regards
Burak Ozalp

Quoting bert hubert <bert.hub...@powerdns.com>

Hi Burak,

dnsdist can do this easily, please see http://dnsdist.org/ for more details.
It can set TC on any criterium.

Good luck!

        Bert

On Tue, Aug 25, 2015 at 09:59:12AM +0300, Burak Ozalp wrote:
Dear Tuomi,

Yes, it works. Is it possible to force all UDP requests with
truncated packet, and force all to use TCP?

Best Regards
Burak Ozalp



Quoting Aki Tuomi <cmo...@youzen.ext.b2.fi>

On Mon, Aug 24, 2015 at 03:36:02PM +0300, Burak Ozalp wrote:
I installed PowerDNS with the MySQL backend from here. I would like to set
any-to-tcp=yes for the PowerDNS server. I tried to configure the
/etc/powerdns/pdns.conf file and add a line "any-to-tcp=yes". This
option should reject UDP requests from the client and force it to use TCP.
But when I run dig @127.0.0.1 it doesn't set the truncated bit in the
response, so it doesn't work.

How do I set the any-to-tcp option correctly?


It only truncates ANY query, try dig any domain.com @localhost


_______________________________________________
Pdns-dev mailing list
Pdns-dev@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-dev
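
An added illustration, not part of the original thread and not dnsdist code: what a "QR=1, TC=1" reply looks like in the DNS header, and a check that a reply really tells the client to retry over TCP. The function names and the sample query are constructed for this example; the bit positions are those of the standard DNS header.

```python
import struct

QR = 0x8000  # header flag: packet is a response
TC = 0x0200  # header flag: answer truncated, client should retry over TCP


def build_query(qname, qtype=255, txid=0x1234):
    """Build a minimal DNS query (RD set, one question, class IN).
    qtype 255 is ANY; the sample name and ID are constructed values."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(part)]) + part.encode("ascii")
        for part in qname.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)


def truncate_reply(query):
    """Turn a query into an empty TC=1 response: same ID and question,
    with the QR and TC bits set in the flags word."""
    txid, flags = struct.unpack("!HH", query[:4])
    return struct.pack("!HH", txid, flags | QR | TC) + query[4:]


def parse_header(packet):
    """Decode the fixed 12-byte DNS header into the fields checked below."""
    if len(packet) < 12:
        raise ValueError("DNS header is 12 bytes")
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    return {"id": txid, "qr": bool(flags & QR), "tc": bool(flags & TC),
            "rcode": flags & 0xF, "qdcount": qd, "ancount": an}


def forces_tcp(query, reply):
    """True if reply is a 'retry over TCP' answer matching query."""
    q, r = parse_header(query), parse_header(reply)
    return r["qr"] and r["tc"] and r["id"] == q["id"] and r["ancount"] == 0


if __name__ == "__main__":
    q = build_query("example.com")
    print(parse_header(truncate_reply(q)))
```

The same forces_tcp() check can be run on the raw bytes of a UDP reply captured from a test resolver to confirm the TC bit is actually being set.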





