Please show your full configuration, including versions etc. Also, it is not clear which product you are using.
The recursor docs say: "Note that once a Proxy Protocol header has been received, the source address from the proxy header instead of the address of the proxy will be checked against the allow-from ACL." https://docs.powerdns.com/recursor/settings.html#proxy-protocol-from -Otto On Fri, Jan 20, 2023 at 05:48:31PM +0200, Robby Pedrica via Pdns-users wrote: > Hi all, > > I'm not sure if this is a change in behaviour or I simply haven't noticed > this before but after upgrading my docker image today, I've seen queries > being dropped due to the mapped address in my proxy mappings being used for > allow-from rather than the src/original address. I use a private-public > address mapping in the proxy maps because I use the mapped public IP as > part of ecs/edns. > > I've now set: > > proxy-protocol-from=<mapped ip> (or should this be the src IP?) > > but this doesn't appear to have changed anything and queries are still > being dropped. > > Can anyone advise where I'm going wrong? I don't mind putting the mapped > (public) IP in allow-from but would prefer not to do it if not required. > > Regards > > -- > Robby Pedrica > > c: +27 82 416 8696 > _______________________________________________ > Pdns-users mailing list > Pdns-users@mailman.powerdns.com > https://mailman.powerdns.com/mailman/listinfo/pdns-users _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
