Open nagygao opened 3 years ago
If you don't mind me asking, what is the use case for sending a DNS update through a recursor? That sounds a bit weird to me.
As far as I know the recursor has to be between the authoritative server and the client. So I have to set the recursor as the DNS server and this should be on port 53. In this case I have to install the pds server on another machine or use another port, for example 54. So my server which can register the IP addresses via dnsupdate is not listening on port 53.
If the Windows client wants to register its IP address to the DNS server, it's sending the registration data to the DNS server, which in this case is the recursor.
The client can never register the IP in the DNS server.
The part that surprises me is the Windows client sending a DNS update to the configured resolver, as I assume it will almost always fail, except perhaps in AD environments? As a work-around I would suggest putting dnsdist in front of the recursor, so dnsdist would listen on port 53, the recursor on any other port like 55, and a simple rule could be used in dnsdist to route DNS UPDATE queries to the authoritative server on port 54 and everything else to the recursor on port 55. Something like:
```lua
-- listen on port 53
addLocal("127.0.0.1:53")
-- declare two backends
newServer({address="127.0.0.1:54", name="authoritative", pool="auth-servers"})
newServer({address="127.0.0.1:55", name="recursor", pool="resolvers"})
-- route DNS UPDATE queries to the auth
addAction(OpcodeRule(DNSOpcode.Update), PoolAction("auth-servers"))
-- route everything else to the resolvers
addAction(AllRule(), PoolAction("resolvers"))
```
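The opcode split that the two dnsdist rules above rely on, shown at the wire level as an added example (not part of the original comment and not dnsdist's own code): a Python sketch that reads the 4-bit OPCODE from the DNS header and picks the pool as those rules would. The helper names, the zone name `example.test` and the sample packets are constructed for illustration.

```python
import struct

OPCODE_QUERY, OPCODE_NOTIFY, OPCODE_UPDATE = 0, 4, 5  # UPDATE is defined in RFC 2136
TYPE_A, TYPE_SOA, CLASS_IN = 1, 6, 1


def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_message(msg_id, opcode, name, rtype):
    """Build a minimal request: 12-byte header plus one question/zone entry.

    Header flags layout: QR(1) OPCODE(4) AA TC RD RA Z(3) RCODE(4).
    For UPDATE the first section is the zone section (ZTYPE must be SOA).
    """
    flags = (opcode & 0xF) << 11
    if opcode == OPCODE_QUERY:
        flags |= 0x0100  # RD: a stub resolver asks for recursion
    header = struct.pack("!HHHHHH", msg_id, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", rtype, CLASS_IN)


def opcode_of(packet):
    """Extract OPCODE from the second 16-bit word of the DNS header."""
    if len(packet) < 12:
        raise ValueError("shorter than a DNS header")
    (flags,) = struct.unpack("!H", packet[2:4])
    return (flags >> 11) & 0xF


def select_pool(packet):
    """Mirror the two rules: UPDATE goes to auth-servers, the rest to resolvers."""
    return "auth-servers" if opcode_of(packet) == OPCODE_UPDATE else "resolvers"


# Constructed sample packets (an empty update, a lookup and a NOTIFY).
UPDATE_PKT = build_message(0x1234, OPCODE_UPDATE, "example.test", TYPE_SOA)
QUERY_PKT = build_message(0x1235, OPCODE_QUERY, "www.example.test", TYPE_A)
NOTIFY_PKT = build_message(0x1236, OPCODE_NOTIFY, "example.test", TYPE_SOA)

if __name__ == "__main__":
    for label, pkt in [("update", UPDATE_PKT), ("query", QUERY_PKT), ("notify", NOTIFY_PKT)]:
        print(label, opcode_of(pkt), select_pool(pkt))
```

Note that the catch-all rule sends every non-UPDATE opcode, NOTIFY included, to the recursor pool.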
Short description
pdns-recursor to forward dnsupdate to authoritative server
Usecase
use dnsupdate with recursor
Description
If I use the recursor and I try to send a dns registration, the recursor doesn't understand it and doesn't notify the authoritative server.