Hello,
I need to set up my cdn and it need to response different ip addresses in different location to speedup.Thus the DNS via geographic location(GeoDNS)is required.Is it possible to achieve this feature in deSEC?
Hi cjydev,
Unfortunately, GeoDNS is not currently supported (and won’t be in the foreseeable future, unless somebody contributes the necessary code [which would be a major project]).
Stay secure,
Peter
Hello,
It seems that there’re sorce code already pubilced for GeoDNS’s setting up at GitHub - abh/geodns: DNS server with per-client targeted responses (Server Side)
It seems like there is no obvious way for implementing GeoDNS in the current powerdns nslord+nsmaster setup with signed AXFR. So, I made a feature request for powerdns: CASE records (LUA records on servers without DNSSEC signing key) · Issue #12597 · PowerDNS/pdns · GitHub
With this feature, the desec api server could expose a nice API for GeoDNS records, triggering the creation of LUA and CASE records on nslord. Would this way be acceptable for desec?
1 Like
We’re not hooked on PowerDNS for our anycast frontends, and in fact will likely soon diversify and run a set of pdns and a set of KnotDNS instances. I’m not sure there’s an interoperable way to achieve what you’re proposing; if there is, we’re certainly not opposed!
Cheers,
Peter
1 Like