Hi all,
I've searched pdns docs as well as threads here but can find nothing
about how to deploy ecs or more specifically, under which circumstance
ecs can be used.
From what I understand of ecs, the recursor will forward the client's
IP with the request to the auth (or intermediate) servers
Apologies, to clarify:
1. No we do not own the auth servers, the queries are for general internet
DNS lookups so could hit any auth server. The recursor does it's standard
root server and down lookups ...
2. The desired outcome is that clients are directed to local resources
especially for office
will entail
some work as we'll have to create specific mappings for each branch. But
it's the only option I can see for the moment.
Thank you very much for your replies.
Regards, Robby
On Tue, 8 Nov 2022 at 09:24, Otto Moerbeek wrote:
> On Tue, Nov 08, 2022 at 08:35:33AM +02
est
And there doesn't seem to be any logging inside the container - am I
missing something?
Regards, Robby
On Tue, 8 Nov 2022 at 11:44, Brian Candler wrote:
> On 08/11/2022 09:20, Robby Pedrica via Pdns-users wrote:
>
> > The CDN services work correctly when a branch uses th
I've upgraded the pdns-recursor docker image today for the 4.8.0 vuln
recently noted. My version from pdns-recursor is now listed as:
Version: PowerDNS recursor 0.0.0.0.HEAD.gHEAD
This is different from previous where it indicated the actual version, eg.
4.8.0. Is this expected or an issue?
--
Hi all,
I'm not sure if this is a change in behaviour or I simply haven't noticed
this before but after upgrading my docker image today, I've seen queries
being dropped due to the mapped address in my proxy mappings being used for
allow-from rather than the src/original address. I use a private-pu
From: Erik Winkels via Pdns-users
To: Robby Pedrica via Pdns-users
Reply-To: Erik Winkels
Date: Fri, Jan 20 2023 16:49:06 GMT-02:00
Subject:[Pdns-users] Docker image upgrade version issue
Hi Robby
proxy header instead of the address of the proxy will
be checked against the allow-from ACL."
https://docs.powerdns.com/recursor/settings.html#proxy-protocol-from
-Otto
On Fri, Jan 20, 2023 at 05:48:31PM +0200, Robby Pedrica via
Pdns-users wrote:
> Hi all,
tings.html#proxy-protocol-from
>
> -Otto
>
>
> On Fri, Jan 20, 2023 at 05:48:31PM +0200, Robby Pedrica via Pdns-users
> wrote:
>
> > Hi all,
> >
> > I'm not sure if this is a change in behaviour or I simply haven't noticed
> > this before bu
>
> > 1. accurately enable ACLs via allow-from
>
> As far as I know, the ACL are checked accurately, i.e. as defined in
> the docs.
>
> > 2. use proxy-mapped public address from addProxyMapping for ecs/edns
> queries
> >
> > Currently, the proxy mapped address is being used to match against
> > all
10 matches
Mail list logo
