Maintained by: NLnet Labs

[Unbound-users] DNS multiplexer?

Robert Edmonds
Wed Aug 11 18:09:12 CEST 2010


João Damas wrote:
> Does anyone know of any code that will let one to run Unbound and NSD
> on the same IP address and still use port 53 for listening on both?
> 
> Something like a DNS multiplexer front end, so that the recursive
> server and the authoritative server are kept separate but the
> front-end directs queries to one or the other (either based on the RD
> bit, a locally configured list of zones, e.g. from NSD config, or some
> other way). Something that is lightweight but avoids having to burn
> additional IP addresses.

hi, joão:

i know of "dnsproxy":

Description: proxy for DNS queries
 dnsproxy forwards DNS queries to two previously configured nameservers:
 one for authoritative queries and another for recursive queries.
 The received answers are sent back to the client unchanged.
 No local caching is done.
 .
 Primary motivation for this project was the need to replace Bind servers with
 djbdns in an ISP environment. These servers get recursive queries from
 customers and authoritative queries from outside at the same IP address.
 Now it is possible to run dnscache and tinydns on the same machine with
 queries dispatched by dnsproxy.
 .
 Another possible scenario is a firewall where proxy queries should be
 forwarded to the real server in a DMZ.
Homepage: http://wolfermann.org/dnsproxy.html

-- 
Robert Edmonds
edmonds at debian.org