-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FeatureRequest: Redirect to alternate upstream in no data in ANSWER section #24
Comments
The fanout external plugin may act this way. Per the fanout README, it says that it forwards the first "non-negative" response. A NODATA response (i.e. a NOERROR with zero answers) is considered a "negative response" in DNS. Setting |
Thanks for the suggestion. Wanted to test it out, but it seems that fanout plugin does not work with Anyway, I am not sure if it'll work. I believe that NOERROR with no answers is valid positive response (at least in logical DNS meaning, but sure, can be implemented in different way), so it will probably not work. Also I am just playing with different DNS servers and CoreDNS seems to be kinda nice - would be nice to have all-in-one software. So I was just suggesting if someone wants to implement this. The behavior I am describing can be achieved in real, but I have to combine two softwares. It is possible to use dnsdist (can be running locally) as primary target (which is able to change RCODE to SERVFAIL for example when there are no ANSWER data), and then alternate will work. I could post a configuration for that, but I believe it is not the right place to talk about configs for totally different software. |
That's unfortunate. Should be an easy fix though. I suspect the 2 minimum is as arbitrary as it is undocumented.
Per the DNS RFCs, a "NODATA" response is a considered a negative response. IMO, this makes logical sense, since no answer is present in a NODATA response - hence it is negative. I don't know how fanout actually behaves. I haven't tested it or looked a the code to see what it actually does. I'm just going on what the README says.
You can do the same with fanout using local forwarding. E.g. fanout can "fan out" to other server blocks which each forward to a group of servers. Kinda hacky though. That said - adding the pseudo "NODATA" type as an option in alternate is probably not hard to add. |
Added support for the NODATA-type, tested internally, works fine.
Before building coredns worked out for me. |
Many thanks! It seems to work as I was suggesting. That's great. |
Yeah, using it since then for split-brian(sic!) DNS. |
Hello,
Would it be possible to add condition to redirect if there are no data in ANSWER section of response from first upstream?
For example:
I am querying for TXT record of
example.com
CoreDNS will query first backend and will got response with
NOERROR
, but no data in ANSWER section (there is no TXT record for this domain on first backend, but domain exists and has an A record for example).But there is second backend, which does have TXT record for
example.com
.The text was updated successfully, but these errors were encountered: