These are all acl drops. Ponder using setting an acl with setACL()!
On Dec 17, 2015 5:05 PM, Federico Olivieri <[email protected]> wrote: > > Ok, > I have managed to run dnsdist. Now it is up and running, however, form the > web page I can see that all packets are dropped > > Uptime: a minute, Number of queries: 673 (7 qps), ACL drops: 673, Dynamic > drops: 0, Rule drops: 0, Blockfilter drops: 0 > > I have tried different configurations but the problem remain. That is my > actual conf > > newServer{address="192.168.0.3:53", checkType="A", > checkName="www.google.com.", mustResolve=true, qps=10, order=1} > newServer{address="5.172.xx.xx:53", checkType="A", > checkName="www.google.com.", mustResolve=true, qps=100, order=2} > setServerPolicy(firstAvailable) > webserver("192.168.0.2:8083", "supersecret") > > Any idea about what I have missed? > > Thanks > > Federico > > 2015-12-17 15:13 GMT+00:00 Federico Olivieri <[email protected]>: >> >> Found by myself. >> >> RTFM >> >> I haven't read for entire the README :) >> >> "By default, the availability of a downstream server is checked by regularly >> sending an A query for "a.root-servers.net.". A different query type and >> target can be specified by passing, respectively, the 'checkType' and >> 'checkName' parameters tonewServer. The default behavior is to consider any >> valid response with a RCODE different from ServFail as valid. If the >> 'mustResolve' parameter of newServer is set to true, a response will only be >> considered valid if its RCODE differs from NXDomain, ServFail and Refused." >> >> Still remain the question about the dnsdist+recursor...Maybe I'll find the >> answer before the end of the README file >> >> Federico >> >> 2015-12-17 14:44 GMT+00:00 Federico Olivieri <[email protected]>: >>> >>> Hi all, >>> I'm playing around with dnsdist on my raspberry. My idea is to use it as >>> load balancer between 2 server. I had a look around and I have implemented >>> this conf >>> >>> root@raspberrypi:/etc/dnsdist# cat dnsdist.conf >>> newServer{address="192.168.0.3"} >>> newServer{address="5.172.1xx.xx"} >>> >>> When I start dnsdist I get this message Marking downstream 192.168.0.3:53 >>> as 'down' and seems not working >>> >>> Dec 17 14:26:46 raspberrypi dnsdist[2434]: Listening on 127.0.0.1:53 >>> Dec 17 14:26:46 raspberrypi dnsdist[2434]: dnsdist 0.0.523g812632e comes >>> with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to >>> redistribute it according to the terms of the GPL version 2 >>> Dec 17 14:26:47 raspberrypi dnsdist[2434]: Marking downstream >>> 192.168.0.3:53 as 'down' >>> Dec 17 14:26:48 raspberrypi dnsdist[2434]: Marking downstream >>> 5.172.120.59:53 as 'down' >>> >>> Questions: >>> there is extra conf that I need to do? >>> How dnsdist recognizes if a server is UP or DOWN >>> Another question. Is it possible to run dnsdist in the same server that >>> running pdns-recursor? My understanding is that both use 127.0.0.1 in order >>> to run and they cannot coexist. maybe there is a way to bind dnsdist to >>> another interface >>> >>> Thanks!!! >> >> > _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
