Re: [Pdns-users] Modifying DNS Response

2015-09-21 Thread Peter Thomassen 
Hi Klaus,

On 09/21/2015 04:11 PM, Klaus Darilion wrote:
> With Anycast it works from the beginning, but is not always correct (BGP
> is optimized for cheapest routing, not for most efficient routing). Any
> if it is to expensive for you to build an Anycast network, just host
> your domains with some anycast provider. There are several with IMO
> reasonable prizes.

Do you happen to have a recommendation or two?

Thanks!

Cheers,
Peter



signature.asc
Description: OpenPGP digital signature
___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Modifying DNS Response

2015-09-21 Thread Klaus Darilion 


On 18.09.2015 12:47, Önem Özgülgen wrote:
> Hello,
> 
> As i wish to send original queries to the closest server and respond to
> them, if there's something can be done reliable and affordable "before"
> an Anycast BGP Routing, it'll be really cool!
> 
> Yes, i'd like to get more detailed information about it please!

You could just use several unicast IP adresses for the authoritative
name servers. The DNS resolvers usually measure the round trip times to
them and then choose the fastest for the following queries.

With Anycast it works from the beginning, but is not always correct (BGP
is optimized for cheapest routing, not for most efficient routing). Any
if it is to expensive for you to build an Anycast network, just host
your domains with some anycast provider. There are several with IMO
reasonable prizes.

regards
Klaus

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Modifying DNS Response

2015-09-14 Thread Klaus Darilion 
You write that "me" is a recursive server, but the redirect to "you" is
done by iptables. This seems redundant - the forwarding should be done
either by the recurser or by iptables.

regards
Klaus

On 10.09.2015 00:19, Önem Özgülgen wrote:
> Hello,
> 
> I was playing with Lua scripting of PowerDNS and want to learn if
> something could be done via preoutquery and/or postresolve functions.
> 
> Is it possible to change query sender ip address of the dns packet and
> making response to another ip address "legally"?
> 
> Let me give an example;
> 
> me -  PowerDNS Recursive Server in Amsterdam
> you - PowerDNS Authoritative Server in London
> they - Client in London
> 
> Client "they" is querying helloworld.com  domain
> name via London ip address to server "me".
> Server "me's" forwarding the dns request to authoritative server "you"
> because of geobased iptables rules.
> Server "you", for sure, will handle the packet and generate a response
> to server "me" with the necessary information.
> Server "me" will response the package coming from server "you" to client
> "they".
> 
> What i want to learn is; when client "they" is querying helloworld.com
>  domain name via London ip address to server
> "me", and after server "me" forwarded the dns request to authoritative
> server "you", could server "you" generate a response packet directly to
> client "they" without giving reply to server "me"?
> 
> Hope, i'd explain my question clearly.
> 
> Thanks.
> 
> 
> ___
> Pdns-users mailing list
> Pdns-users@mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
> 

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Re: [Pdns-users] Modifying DNS Response

2015-09-10 Thread bert hubert 
On Thu, Sep 10, 2015 at 01:19:23AM +0300, Önem Özgülgen wrote:
> Is it possible to change query sender ip address of the dns packet and
> making response to another ip address "legally"?

No, not right now. And if I understand you correctly, you'd not only have to
change the response destination address, but also the source address,
because otherwise 'they' in london would not recognize your response?

That would be especially hard. Only changing the destination IP would be
somewhat doable.

Please let us know!

Bert

___
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users