PowerDNS / pdns

PowerDNS Authoritative, PowerDNS Recursor, dnsdist
https://www.powerdns.com/
GNU General Public License v2.0

Access to TSIG key name #7766

Open tom1198 opened 5 years ago

tom1198 commented 5 years ago

Short description

Allow access to TSIG data from DNSQuestion object

Having access to the TSIG key name for notify ops would be useful

Usecase

To be able to steer notify messages towards distinct pools based on a TSIG key name regex match

Description

dnsdist to make available this information so that it can be used for steering decisions. No validation / verification desired, just access to the TSIG key name.

I did wonder if this would be in trailing data, however it appears not in initial testing.

Apologies if this is already present and I just did not spot it.

Thanks

Habbie commented 5 years ago

> I did wonder if this would be in trailing data, however it appears not in initial testing.

It would not be. I don't think we can currently do what you are asking for, indeed.
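As an added illustration (not part of the original thread and not dnsdist code), the sketch below shows where the key name sits on the wire: it is the owner name of the TSIG record (type 250), the last record of the additional section and counted in ARCOUNT, so it is inside the message rather than in trailing data. The function names and the sample NOTIFY with an all-zero MAC are constructed for this example.

```python
import struct

TSIG = 250  # RR type code for TSIG (RFC 8945)

def read_name(msg, off):
    """Decode the domain name at off; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while msg[off]:
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # compression pointer
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 64:
                raise ValueError("compression loop")
        else:
            label = msg[off + 1:off + 1 + length]
            labels.append(label.decode("ascii", "backslashreplace").lower())
            off += 1 + length
    return ".".join(labels) + ".", (off + 1 if end is None else end)

def tsig_key_name(msg):
    """Return the TSIG key name of a DNS message, or None if it is unsigned."""
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off, last = 12, None
    for _ in range(qd):
        off = read_name(msg, off)[1] + 4          # skip QNAME, QTYPE, QCLASS
    for _ in range(an + ns + ar):
        name, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        last = (name, rtype)
    if off > len(msg):
        raise ValueError("truncated message")
    # A TSIG RR is always the last record of the additional section.
    return last[0] if ar and last[1] == TSIG else None

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".") if l) + b"\0"

def build_notify(zone, key=None):
    """Constructed sample: NOTIFY for zone, optionally TSIG-signed (all-zero MAC)."""
    msg = struct.pack("!6H", 0x1234, 0x2400, 1, 0, 0, 1 if key else 0)
    msg += encode_name(zone) + struct.pack("!HH", 6, 1)       # QTYPE SOA, class IN
    if key:
        rdata = (encode_name("hmac-sha256.") + bytes(6) + struct.pack("!HH", 300, 32)
                 + bytes(32) + struct.pack("!HHH", 0x1234, 0, 0))
        msg += encode_name(key) + struct.pack("!HHIH", TSIG, 255, 0, len(rdata)) + rdata
    return msg
```

Because the MAC is never checked here, the returned name is whatever the sender wrote; it can serve as a routing hint only, with the backend that holds the key still verifying the signature.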

tom1198 commented 5 years ago

Is this also missing from AXFR question too?

Just trying to set up supermaster AXFR between a slave and a master (single IP on each) and steering the notifications and AXFR to the appropriate instance.

Notify I can work around as that can directly target a non-standard port, however supermaster does not seem to support that, so steering on dnsdist (or a second IP address, which I am trying to resist) would seem a sensible approach.

If you have any alternative suggestions, please let me know.

Thanks

Habbie commented 5 years ago

> Is this also missing from AXFR question too?

There is no TSIG logic anywhere in dnsdist, as far as I know.

> Notify I can work around as that can directly target a non-standard port, however supermaster does not seem to support that

That should work - you can get help with that via IRC or our mailing list. Details are at https://www.powerdns.com/opensource.html

tom1198 commented 5 years ago

OK, thanks, I'll dig a bit deeper on supermaster with alternate ports as that would solve my immediate issues (and reach out to the mailing list if needed).

franklouwers commented 5 years ago

Somebody came to me with a different use case that would benefit from the ability to get access to the TSIG key name:

"In Bind, I can send requests signed by TSIG key #1 to the internal view, and requests signed by TSIG key #2 to the external view. Is something like that possible with PowerDNS?"

nwhisper2014 commented 3 years ago

Is there any work being done on this issue? I really need this functionality...

Habbie commented 3 years ago

Hello Roman, no work is being done on this. We'll consider patches if somebody sends them. Sorry!

nwhisper2014 commented 2 years ago

Maybe there's an update on this topic? ) Without this function, it is impossible to implement a split zone with synchronization in the primary/secondary scheme.

nwhisper2014 commented 2 years ago

Is there any news about this feature? =)

nwhisper2014 commented 1 year ago

Maybe you could add this feature? Please :)

Habbie commented 1 year ago

Hello, repeating this question is not useful. This ticket is milestoned "dnsdist-helpneeded", which means we think it's a fine idea, but do not currently plan to work on it. However, if somebody (you?) sends a PR, we will take that very seriously.