How can I use the view(pairs) method in the Authoritative server to allocate based on the actual source IP of the request, instead of using the IP of the recursor server? #13718
-
Short descriptionWe want to dynamically resolve based on the netmask of the true source IP of the DNS request. Do you have any good suggestions? UsecaseWe attempted to use the view method of the lua records function in Authoritative, but the remote IP obtained by Authoritative is the IP of the recursor server, not the actual source IP requested. https://doc.powerdns.com/authoritative/lua-records/functions.html DescriptionSo how can we solve it? thank you very much |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
If you enable the If you're running a public service that random people across the Internet query, only some queries will include the extension: some resolvers always include it, some only include it if you make specific arrangements with the resolver operator, and many never include it at all. If you run all of the resolvers at issue, you can enable it (such as with PowerDNS Recursor). Edit: If you also use dnsdist, you need to configure it so that the ECS is cached and forwarded as you require. |
Beta Was this translation helpful? Give feedback.
-
|
Thank you very much for your help! |
Beta Was this translation helpful? Give feedback.
If you enable the
edns-subnet-processingsetting, theview()function will make use of the EDNS Client Subnet extension if recursive resolvers send it (or use the resolver's IP if they do not).If you're running a public service that random people across the Internet query, only some queries will include the extension: some resolvers always include it, some only include it if you make specific arrangements with the resolver operator, and many never include it at all.
If you run all of the resolvers at issue, you can enable it (such as with PowerDNS Recursor).
Edit: If you also use dnsdist, you need to configure it so that the ECS is cached and forwarded as you require.