Copied here so it doesn't get lost. Not tested, but it looks workable.
https://www.frank.be/implementing-bind-views-with-powerdns/
/etc/powerdns-internal/pdns.conf
setgid=pdns
setuid=pdns
launch=bind
bind-config=/etc/powerdns-internal/named.conf
local-port=1053
socket-dir=/var/run/powerdns-internal
/etc/powerdns-external/pdns.conf
setgid=pdns
setuid=pdns
launch=bind
bind-config=/etc/powerdns-external/named.conf
local-port=2053
socket-dir=/var/run/powerdns-external
/etc/powerdns-external/named.conf
The bind-config file resembles a traditional BIND config file snippet, as shown below.
zone "mycompany.tld" {
file "/var/lib/powerdns/zone-external.db";
type master;
};
dnsdist loadbalancer
In front of both servers, we’re running a dnsdist instance. dnsdist is a software DNS loadbalancer and attack filtering tool. We’ll use the load balancing features in this example to send all requests from the internal subnet to the “internal” pdns instance, and all other requests to the “public” instance.
/etc/dnsdist/dnsdist.conf
setLocal('0.0.0.0')
setACL('0.0.0.0/0')
newServer({address="127.0.0.1:1053", pool="internal"})
newServer({address="127.0.0.1:2053", pool="external"})
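addAction({"10.10.10.0/24"}, PoolAction("internal")) -- this one can only pick the pool by IP range
addAction({"10.10.10.0/24"}, LuaAction(luarule)) -- this one picks the pool by IP range plus the queried domain name, which can simplify the pool configuration; still to be tested and verified (luarule has to be defined above this line in the actual file)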
addAction(AllRule(),PoolAction("external"))
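#### For the domains that should be resolved locally, this can simplify the config file, and a list of domains could be maintained. I'm not familiar with Lua, so this is as far as I got.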
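function luarule(dq)
  -- qname:equal() is documented for the recursor Lua API; dnsdist's DNSName offers toString(), which returns the name with a trailing dot
  if dq.qname:toString():lower() == 'example.com.'
  then
    return DNSAction.Pool, "internal" -- send to the internal pool
  else
    return DNSAction.Pool, "external" -- everything else goes to the external pool
  end
end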
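One way to do the domain list mentioned above, as an added example that is not from the original article or this note: a SuffixMatchNode holds the zones for the internal view and luarule checks the query name against it. The zone names are placeholders, and unlike an exact-name comparison the suffix match also covers names below each listed zone.

```lua
-- Added example (not from the original page): choose the pool by client
-- subnet AND queried zone. The zone names are placeholders; the subnet,
-- ports and pool names are the ones used in the config above.

newServer({address="127.0.0.1:1053", pool="internal"})
newServer({address="127.0.0.1:2053", pool="external"})

-- Zones that internal clients should get from the "internal" pdns instance.
local internalZones = newSuffixMatchNode()
for _, zone in ipairs({"mycompany.tld", "example.com"}) do
  internalZones:add(newDNSName(zone))
end

-- Defined before the addAction() call below: LuaAction() is handed the
-- function value while the config is loaded, and an undefined global is nil.
function luarule(dq)
  -- check() is a suffix match, so www.mycompany.tld matches as well.
  if internalZones:check(dq.qname) then
    return DNSAction.Pool, "internal"
  end
  return DNSAction.Pool, "external"
end

-- Only queries from the internal subnet reach luarule; every other client
-- falls through to the catch-all and never gets the internal view.
addAction({"10.10.10.0/24"}, LuaAction(luarule))
addAction(AllRule(), PoolAction("external"))
```

The pdns.conf files above set no local-address, so unless both backends are bound to 127.0.0.1 or firewalled, the internal view on port 1053 can be queried directly without passing through dnsdist.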
This needs Lua; references:
https://doc.powerdns.com/recursor/lua-scripting/dq.html#
https://dnsdist.org/advanced/luaaction.html
https://github.com/PowerDNS/pdns/blob/master/pdns/recursordist/contrib/powerdns-example-script.lua