Page 1 of 1

dnsdist

Posted: Tue Jan 19, 2016 2:53 am
by chip
Shdwdrgn had mentioned dnsdist in #opennic a couple weeks ago which looks rather interesting...

"dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic."


I gave it a shot and liked the interactive console and real time statistics. I only played with it briefly and made it the primary resolver for a branch of about 50 users; it seemed stable and didn't affect performance negatively. I hope to play with it more in the future, applying the testing regime to a dnsdist server may be interesting to do.

Re: dnsdist

Posted: Wed Jan 03, 2018 7:13 am
by Nesa
I have it running on ns2.vic it seems to stop the server from being used in amplified DNS attacks.
Once i figure out how to disable all logging on it I will start using it on ns1.vic and remove the white list from that server.