On 06/04/2022 10:44, Adam Cecile wrote:
If at all possible, I'd suggest you simply run auth and recursor
bound to separate IP addresses - whether that be on the same host, or
in VMs or containers. Then you point your clients at your recursor
IP(s), your NS records at your auth server hostname(s), and dnsdist
isn't required.
Well that'd make things more complicated because the server running
authoritative do need to use recursor facilities too :D
That's not an issue.
If the server needs to *use* recursor facilities, then you point its
resolv.conf to whatever IP address your recursor is bound to - whether
this is on the same host, or a different host makes no difference.
Normally you'd dedicate a server to auth (or VM or container), and point
to a separate recursor - well, two recursors for redundancy. But if you
run both auth and recursor on the same server/VM, but bound to different
IPs, that will work too.
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users